Custom Banners < 3.3 - CSRF Nonce Bypass in saveCustomFields
The plugin did not properly check the CSRF nonce in the saveCustomFields() method, which could allow attackers to make a logged-in user with the edit_post capability save custom fields in a post.
Numerous sanitisation fixes were also added in v3.3.
Proof of Concept
Send a request without the my-custom-fields_wpnonce parameter to bypass the nonce check.
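As an added illustration (not the plugin's code, which the advisory does not show), the following WordPress save handler contrasts a nonce check that is skipped when the field is absent with one that fails closed and sanitises its input; the field name comes from the advisory, while the nonce action, meta key and form field names are assumptions.

```php
<?php
// Added example, not the Custom Banners plugin's code. The "verify only when
// present" pattern is an assumed way the described bypass can arise.

const CB_NONCE_FIELD  = 'my-custom-fields_wpnonce'; // field name from the advisory
const CB_NONCE_ACTION = 'cb_save_custom_fields';    // assumed nonce action
const CB_META_KEY     = '_cb_custom_fields';        // assumed post meta key

// Vulnerable pattern (hypothetical): the nonce is verified only when it is
// present, so a request that omits the field skips the check and reaches the
// write guarded solely by the capability check.
function cb_save_custom_fields_vulnerable( $post_id ) {
    if ( isset( $_POST[ CB_NONCE_FIELD ] )
        && ! wp_verify_nonce( $_POST[ CB_NONCE_FIELD ], CB_NONCE_ACTION ) ) {
        return;
    }
    if ( ! current_user_can( 'edit_post', $post_id ) ) {
        return;
    }
    update_post_meta( $post_id, CB_META_KEY, $_POST['custom_fields'] ?? '' );
}

// Hardened form: a missing or invalid nonce aborts before any write, and the
// submitted values are sanitised before they are stored.
function cb_save_custom_fields_fixed( $post_id ) {
    if ( ! isset( $_POST[ CB_NONCE_FIELD ] ) ) {
        return; // absent nonce is treated exactly like an invalid one
    }
    $nonce = sanitize_text_field( wp_unslash( $_POST[ CB_NONCE_FIELD ] ) );
    if ( ! wp_verify_nonce( $nonce, CB_NONCE_ACTION ) ) {
        return;
    }
    if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) {
        return;
    }
    if ( ! current_user_can( 'edit_post', $post_id ) ) {
        return;
    }
    $fields = isset( $_POST['custom_fields'] ) ? wp_unslash( $_POST['custom_fields'] ) : array();
    $clean  = array_map( 'sanitize_text_field', (array) $fields );
    update_post_meta( $post_id, CB_META_KEY, $clean );
}

// The matching meta box must emit the nonce so legitimate edits carry it.
function cb_render_custom_fields_box( $post ) {
    wp_nonce_field( CB_NONCE_ACTION, CB_NONCE_FIELD );
    echo '<input type="text" name="custom_fields[]" value="">';
}

add_action( 'save_post', 'cb_save_custom_fields_fixed' );
```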