CVE-2026-4068 | pattihis Add Custom Fields to Media Plugin up to 2.0.3 on WordPress update_option cross-site request forgery

Inserito da Angelo Barbosa | Mar 19, 2026 | CVE

A vulnerability labeled as problematic has been found in pattihis Add Custom Fields to Media Plugin up to 2.0.3 on WordPress. The affected element is the function update_option. Executing a manipulation can lead to cross-site request forgery.

This vulnerability is handled as CVE-2026-4068. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-4068 | pattihis Add Custom Fields to Media Plugin up to 2.0.3 on WordPress update_option cross-site request forgery

Post correlati

CVE-2025-48051 | Lichess Lila powertip.ts cross site scripting (GHSA-9xhx-p3c5-p4v6)

CVE-2025-7551 | Tenda FH1201 1.2.0.14(408) /goform/PPTPDClient fromPptpUserAdd stack-based overflow

CVE-2024-28726 | D-Link DWR 2000M 5G Diagnostics Local Privilege Escalation

CVE-2023-47577 | Relyum RELY-PCIe/RELY-REC 22.2.1/23.1.0 unverified password change