Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

Custom Field Template — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in Custom Field Template, with AI-generated Chinese analysis, references, and POCs.

This page documents security vulnerabilities associated with the Custom Field Template weakness class within the Product: Custom Field Template ecosystem. It aggregates data regarding known exploits, configuration errors, and implementation flaws that affect this specific software component. The collection encompasses vulnerability reports and advisory notices spanning from the initial release of the product through recent updates, ensuring a comprehensive historical overview of its security posture. Users can utilize this resource to track a vendor's security advisories as they are released, providing insight into how quickly patches are deployed for critical issues. Additionally, the page allows researchers to understand the broader Custom Field Template weakness class by examining how it manifests in real-world scenarios, identifying common patterns in misconfigurations or logic errors. Visitors may also look up a product's vulnerability history to assess its long-term stability and the frequency of security incidents. This information supports risk assessment efforts by highlighting trends in exploitability and the effectiveness of remediation strategies over time. By centralizing these details, the page serves as a reference point for developers and security analysts seeking to harden deployments of Custom Field Template. Understanding the context of these vulnerabilities helps in implementing more robust access controls and validation checks. The data is organized to facilitate easy navigation and cross-referencing, enabling efficient analysis of past incidents to inform future development and security audits.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2026-57687 WordPress Custom Field Template plugin <= 2.7.8 - SQL Injection vulnerability CWE-89 8.5 High2026-07-02
CVE-2025-68607 WordPress Custom Field Template plugin <= 2.7.7 - Cross Site Scripting (XSS) vulnerability CWE-79 6.5 Medium2025-12-29
CVE-2025-63058 WordPress Custom Field Template plugin <= 2.7.6 - Sensitive Data Exposure vulnerability CWE-497 4.3 Medium2025-12-09
CVE-2024-44062 WordPress Custom Field Template plugin <= 2.6.5 - Cross Site Scripting (XSS) vulnerability CWE-79 6.5 Medium2024-09-15
CVE-2024-0653 Custom Field Template <= 2.6.1 - Authenticated (Admin+) Stored Cross-Site Scritping CWE-79 4.4 Medium2024-06-11
CVE-2023-6748 Custom Field Template <= 2.6.1 - Authenticated(Contributor+) Information Exposure CWE-862 4.3 Medium2024-06-11
CVE-2024-0627 Custom Field Template <= 2.6.1 - Authenticated(Constibutor+) Stored Cross-Site Scripting via Custom Field Name CWE-79 6.4 Medium2024-06-11
CVE-2023-6745 Custom Field Template <= 2.6.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode CWE-79 6.4 Medium2024-06-11
CVE-2024-25919 WordPress Custom Field Template plugin <= 2.6 - Cross Site Scripting (XSS) vulnerability CWE-79 6.5 Medium2024-03-15
CVE-2023-38392 WordPress Custom Field Template Plugin <= 2.5.9 is vulnerable to Cross Site Scripting (XSS) CWE-79 7.1 High2023-08-07
CVE-2023-22695 WordPress Custom Field Template Plugin <= 2.5.8 is vulnerable to Cross Site Request Forgery (CSRF) CWE-352 4.3 Medium2023-07-10
CVE-2020-36742 Custom Field Template <= 2.5.1 - Cross-Site Request Forgery Bypass CWE-352 4.3 Medium2023-07-01
CVE-2022-4324 Custom Field Template < 2.5.8 - Admin+ PHP Object Injection 7.2 -2023-01-02

All 13 known CVE vulnerabilities affecting Custom Field Template with full Chinese analysis, references, and POCs where available.