1.2.7

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-19	CVE-2024-8364	Cross-site Scripting vulnerability in Webhammer WP Custom Fields Search The WP Custom Fields Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcfs-preset shortcode in all versions up to, and including, 1.2.35 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity webhammer CWE-79	5.4
2023-05-18	CVE-2022-47157	Unspecified vulnerability in Webhammer WP Custom Fields Search Auth. network low complexity webhammer	4.8