| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-31073 | WordPress Shortcode to display post and user data plugin <= 1.2.0 - Broken Access Control vulnerability | Jose Vega | Display custom fields in the frontend – Post and User Profile Fields | Medium | 4.3 | 2024-12-09 11:31:00 | Deep Dive |
| CVE-2024-0908 | Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page <= 1.13.4 - Missing Authorization to Information Disclosure | bplugins | Advanced Post Block – Showcase Posts with Grid, List, Card Layouts and Filters | Medium | 5.3 | 2024-05-02 16:52:24 | Deep Dive |
| CVE-2023-6996 | Display custom fields in the frontend – Post and User Profile Fields <= 1.2.1 - Authenticated (Contributor+) Code Injection | josevega | Display custom fields in the frontend – Post and User Profile Fields | High | 8.8 | 2024-02-05 21:22:03 | Deep Dive |
| CVE-2023-6982 | Display custom fields in the frontend – Post and User Profile Fields <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via vg_display_data | josevega | Display custom fields in the frontend – Post and User Profile Fields | Medium | 6.4 | 2024-02-05 21:21:39 | Deep Dive |
| CVE-2023-6983 | Display custom fields in the frontend – Post and User Profile Fields <= 1.2.1 - Insecure Direct Object Reference to Authenticated (Contributor+) Post Meta Disclosure | josevega | Display custom fields in the frontend – Post and User Profile Fields | Medium | 4.3 | 2024-02-05 21:21:32 | Deep Dive |
| CVE-2023-48317 | WordPress Display Custom Post Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS) | Vikas Vatsa | Display Custom Post | Medium | 6.5 | 2023-11-30 16:34:38 | Deep Dive |