Latest vulnerabilities for "advanced custom fields"

5.3

EPSS

0.11%

First published (updated )

CVE-2024-49593

Advanced Custom FieldsACF Quick Edit Fields <= 3.2.2 - Authenticated (Contributor+) Insecure Direct Object Reference

6.5

First published (updated )

CVE-2023-7286

Advanced Custom FieldsXSS

6.1

First published (updated )

CVE-2024-45429

Advanced Custom FieldsAdvanced Custom Fields < 6.3 - Contributor+ Custom Field Access

7.5

EPSS

0.04%

First published (updated )

CVE-2024-4565

Advanced Custom FieldsXSS

6.4

EPSS

0.05%

First published (updated )

CVE-2023-6701

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Advanced Custom FieldsCode Injection, Input Validation

8.8

EPSS

0.05%

First published (updated )

CVE-2023-6996

Advanced Custom FieldsXSS

6.4

EPSS

0.04%

First published (updated )

CVE-2023-6982

Advanced Custom FieldsWordPress Advanced Custom Fields Plugin 3.1.1-6.0.2 is vulnerable to Sensitive Data Exposure

7.5

First published (updated )

CVE-2022-40696

Advanced Custom FieldsWordPress Advanced Custom Fields: Image Crop Add-on Plugin <= 1.4.12 is vulnerable to Broken Access Control

8.8

First published (updated )

CVE-2023-22676

Advanced Custom FieldsXSS

5.4

First published (updated )

CVE-2023-40068

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Advanced Custom FieldsWordPress Advanced Custom Fields / Advanced Custom Fields PRO plugins <= 6.1.5 vulnerable to Cross Site Scripting (XSS)

7.1

First published (updated )

CVE-2023-30777

Advanced Custom FieldsAdvanced Custom Fields - Contributor+ PHP Object Injection

8.8

First published (updated )

CVE-2023-1196

Advanced Custom FieldsXSS

6.1

First published (updated )

CVE-2022-40841

Advanced Custom FieldsSSRF

critical

9.1

First published (updated )

CVE-2022-40842

Advanced Custom FieldsXSS

6.1

First published (updated )

CVE-2022-40840

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Advanced Custom FieldsSQL Injection

7.5

First published (updated )

CVE-2022-40839

Advanced Custom FieldsAdvanced Custom Fields 5.0-5.12.2 - Unauthenticated File Upload

8.8

First published (updated )

CVE-2022-2594

Advanced Custom FieldsMissing authorization vulnerability in Advanced Custom Fields versions prior to 5.12.1 and Advanced …

6.5

First published (updated )

CVE-2022-23183

Advanced Custom FieldsAdvanced Custom Fields: Extended < 0.8.8.7 - Admin+ SQL Injection

7.2

First published (updated )

CVE-2021-24865

Advanced Custom FieldsAdvanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 …

6.5

First published (updated )

CVE-2021-20867

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Advanced Custom FieldsAdvanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 …

6.5

First published (updated )

CVE-2021-20866

Advanced Custom FieldsAdvanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 …

7.5

First published (updated )

CVE-2021-20865

Advanced Custom FieldsXSS

6.1

First published (updated )

CVE-2021-24241

Advanced Custom FieldsXSS

6.1

First published (updated )

CVE-2020-36172

Advanced Custom FieldsMalicious File Upload

critical

9.8

First published (updated )

CVE-2015-9479

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Advanced Custom FieldsXSS