WordPress Advanced Custom Fields Vulnerabilities
Wordpress Advanced Custom Fields vulnerabilities.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Remote Code Execution Vulnerability in Advanced Custom Fields Extended Plugin for WordPress
CVE-2025-13486WordPressAdvanced Custom Fields...👾🟡EPSS 24%9.8CRITICALCross-Site Request Forgery Vulnerability in Tusko Trush Advanced Custom Fields Plugin
CVE-2025-60208WordPressAdvanced Custom Fields...8.8HIGHServer-Side Template Injection in Advanced Views Plugin for WordPress
CVE-2025-10380WordPressAdvanced Views – Displ...8.8HIGHHTML Injection Vulnerability in Advanced Custom Fields Plugin for WordPress
CVE-2025-54940WordPressAdvanced Custom Fields4.6MEDIUMXSS Vulnerability in NotFound Advanced Custom Fields Plugin by WordPress
CVE-2025-26746WordPressAdvanced Custom Fields...7.1HIGHCross-Site Request Forgery Vulnerability in WPENGINE's Advanced Custom Fields PRO
CVE-2024-37251WordPressAdvanced Custom Fields...4.3MEDIUMArbitrary Function Execution Through Setting Import
CVE-2024-9529WordpressSecure Custom Fields👾🟡Incorrectly Configured Access Control Security Levels Expose Advanced Custom Fields PRO to Missing Authorization Vulnerability
CVE-2024-37250WordPressAdvanced Custom Fields...5.4MEDIUMMissing Authorization Vulnerability in Advanced Custom Fields PRO
CVE-2024-37249WordPressAdvanced Custom Fields...4.3MEDIUMFreemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes
CVE-2022-4974WordpressYasr – Yet Another Sta...6.3MEDIUMACF Plugin Vulnerability Allows Unauthorized Access to Custom Fields
CVE-2024-4565WordpressAdvanced Custom Fields...👾🟡6.5MEDIUMPath Traversal Vulnerability in Advanced Custom Fields PRO
CVE-2024-34762WordPressAdvanced Custom Fields...9.9CRITICALImproper Control of Generation of Code ('Code Injection') Vulnerability Affects Advanced Custom Fields PRO
CVE-2024-34761WordPressAdvanced Custom Fields...8.5HIGHStored Cross-Site Scripting Vulnerability in ACF Plugin for WordPress
CVE-2023-6701WordpressAdvanced Custom Fields...6.4MEDIUMWordPress Advanced Custom Fields Plugin 3.1.1-6.0.2 is vulnerable to Sensitive Data Exposure
CVE-2022-40696WordPressAdvanced Custom Fields...3.7LOWStored Cross-Site Scripting in Advanced Custom Fields: Extended for WordPress
CVE-2023-5292WordPressAdvanced Custom Fields...6.4MEDIUMMultiple Plugins from Addify - Multiple CSRF
CVE-2022-4888WordpressCheckout Fields Manager6.5MEDIUMWordPress Advanced Custom Fields / Advanced Custom Fields PRO plugins <= 6.1.5 vulnerable to Cross Site Scripting (XSS)
CVE-2023-30777WordPressAdvanced Custom Fields...👾🟡EPSS 85%6.1MEDIUMAdvanced Custom Fields - Contributor+ PHP Object Injection
CVE-2023-1196WordpressAdvanced Custom Fields...👾🟡8.8HIGHAdvanced Custom Fields 5.0-5.12.2 - Unauthenticated File Upload
CVE-2022-2594WordpressAdvanced Custom Fields8.8HIGHAdvanced Custom Fields: Extended < 0.8.8.7 - Admin+ SQL Injection
CVE-2021-24865WordpressAdvanced Custom Fields...7.2HIGHAuthorization Flaw in Advanced Custom Fields Plugin for WordPress
CVE-2021-20867WordPressAdvanced Custom Fields...6.5MEDIUMAuthorization Vulnerability in Advanced Custom Fields by WordPress
CVE-2021-20866WordPressAdvanced Custom Fields...6.5MEDIUMAdvanced Custom Field Pro < 5.9.1 - Reflected Cross-Site Scripting (XSS)
CVE-2021-24241WordpressAdvanced Custom Fields...6.1MEDIUMXSS Vulnerability in Advanced Custom Fields Plugin for WordPress
CVE-2020-36172WordpressAdvanced Custom Fields6.1MEDIUM