Input validation vulnerability in Custom post types, Custom Fields | ww.wp.xz.cn

Resolved eyevisions
(@eyevisions)

2 years, 3 months ago

Can you solve this issue?

The Custom post types, Custom Fields & more plugin for WordPress has a security vulnerability in all versions up to 4.0.12. This vulnerability allows attackers with administrator-level permissions to inject web scripts into pages. When a user visits these pages, the scripts will then execute. This only affects multi-site installations and installations where unfiltered_html has been disabled.Detected in:

Custom post types, Custom Fields & more open Vulnerable Versions: >= * <= 5.0.0

Viewing 1 replies (of 1 total)

Plugin Author TotalPress.org
(@totalpressorg)

2 years, 3 months ago

Hi @eyevisions
new version 5.0.1 solve the issues.

Many thanks

Viewing 1 replies (of 1 total)

The topic ‘Input validation vulnerability in Custom post types, Custom Fields’ is closed to new replies.

1 reply
2 participants
Last reply from: TotalPress.org
Last activity: 2 years, 3 months ago
Status: resolved