Custom Field Template

Vulnerabilities 16Slug custom-field-templateLatest version 2.7.8WordPress.org →

Minimum safe version

2.7.8

Update to 2.7.8 or later to address 16 fixable vulnerabilities

Latest available2.7.8 ✓

Medium 6.5

2025-12-30< 2.7.8

WordPress Custom Field Template plugin <= 2.7.7 - Cross Site Scripting (XSS) vulnerability

EUVD CVE Wordfence

Medium 4.3

2025-12-09< 2.7.7

CVE-2025-63058

CVE Wordfence

Medium 5.4

2024-09-15< 2.6.6

CVE-2024-44062

CVE Patchstack Wordfence

Medium 5.4

2024-06-11< 2.6.2

CVE-2024-0627

CVE Wordfence Patchstack

Medium 4.3

2024-06-11< 2.6.2

CVE-2023-6748

CVE Wordfence Patchstack

Medium 4.8

2024-06-11< 2.6.2

CVE-2024-0653

CVE Wordfence Patchstack

Medium 5.4

2024-06-11< 2.6.2

CVE-2023-6745

CVE Wordfence Patchstack

Medium 6.5

2024-03-15< 2.6.1

CVE-2024-25919

CVE Wordfence Patchstack WPScan

High 7.1

2023-08-07< 2.6.0

CVE-2023-38392

CVE Wordfence Patchstack WPScan

Medium 4.3

2023-07-01< 2.5.2

CVE-2020-36742

CVE Wordfence WPScan

N/A

2023-06-07< 2.5.2

CVE-2021-4342

CVE

Medium 4.3

2023-07-10< 2.5.9

CVE-2023-22695

CVE Patchstack Wordfence WPScan

High 7.2

2023-12-09< 2.5.8

WordPress Custom Field Template Plugin < 2.5.8 is vulnerable to PHP Object Injection

Patchstack CVE Wordfence WPScan

N/A

< 2.5.2

Various Affected Software (Various Versions) - Cross-Site Request Forgery Bypass

Wordfence

N/A

< 2.5.2

Multiple Plugins/Themes - Cross-Site Request Forgery (CSRF)

WPScan

N/A

2020-09-16< 2.5.2

WordPress Custom Field Template plugin <= 2.5.1 - Cross-Site Request Forgery (CSRF) vulnerability

Patchstack