Description

WordPress Plugin Custom Post Types and Custom Fields creator-WCK is prone to multiple unspecified vulnerabilities. No available information exists regarding these issues and their impact on a vulnerable website. WordPress Plugin Custom Post Types and Custom Fields creator-WCK version 1.2.9 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 1.3.0 or latest

References

https://wordpress.org/plugins/wck-custom-fields-and-custom-post-types-creator/changelog/

Related Vulnerabilities

WordPress Plugin Fancy Product Designer-WooCommerce Cross-Site Scripting (3.4.1)

MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43281)

Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2018-16476)

Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949)

WordPress Plugin Testimonial Rotator Cross-Site Scripting (3.0.3)

Severity

High

Tags

Missing Update