Custom Post Type UI

webdevstudios

Developer

1.19.2

Latest version

1,000,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

5 patched

0 Mitigation rules

Authenticated (Administrator+) Stored Cross-Site Scripting via 'label' Import Parameter vulnerability
<= 1.18.1
12/12/2025
Missing Authorization to Unauthenticated (Previously Administrator+) Custom Post Type Modification vulnerability
<= 1.18.0
04/12/2025
Cross-Site Request Forgery (CSRF) vulnerability
< 1.13.5
25/04/2023
Cross-Site Request Forgery to Sensitive Information Exposure vulnerability
<= 1.13.4
30/03/2023
Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)
<= 1.7.3
17/03/2020