WordPress Advanced Custom Fields Vulnerabilities
Wordpress Advanced Custom Fields vulnerabilities.
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Server-Side Template Injection in Advanced Views Plugin for WordPress
CVE-2025-10380WordPressAdvanced Views โ Displ...8.8HIGHHTML Injection Vulnerability in Advanced Custom Fields Plugin for WordPress
CVE-2025-54940WordPressAdvanced Custom Fields4.6MEDIUMXSS Vulnerability in NotFound Advanced Custom Fields Plugin by WordPress
CVE-2025-26746WordPressAdvanced Custom Fields...7.1HIGHCross-Site Request Forgery Vulnerability in WPENGINE's Advanced Custom Fields PRO
CVE-2024-37251WordPressAdvanced Custom Fields...4.3MEDIUMArbitrary Function Execution Through Setting Import
CVE-2024-9529WordpressSecure Custom Fields๐พ๐กIncorrectly Configured Access Control Security Levels Expose Advanced Custom Fields PRO to Missing Authorization Vulnerability
CVE-2024-37250WordPressAdvanced Custom Fields...5.4MEDIUMMissing Authorization Vulnerability in Advanced Custom Fields PRO
CVE-2024-37249WordPressAdvanced Custom Fields...4.3MEDIUMFreemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes
CVE-2022-4974WordpressYasr โ Yet Another Sta...6.3MEDIUMACF Plugin Vulnerability Allows Unauthorized Access to Custom Fields
CVE-2024-4565WordpressAdvanced Custom Fields...๐พ๐ก6.5MEDIUMPath Traversal Vulnerability in Advanced Custom Fields PRO
CVE-2024-34762WordPressAdvanced Custom Fields...9.9CRITICALImproper Control of Generation of Code ('Code Injection') Vulnerability Affects Advanced Custom Fields PRO
CVE-2024-34761WordPressAdvanced Custom Fields...8.5HIGHStored Cross-Site Scripting Vulnerability in ACF Plugin for WordPress
CVE-2023-6701WordpressAdvanced Custom Fields...6.4MEDIUMWordPress Advanced Custom Fields Plugin 3.1.1-6.0.2 is vulnerable to Sensitive Data Exposure
CVE-2022-40696WordPressAdvanced Custom Fields...3.7LOWStored Cross-Site Scripting in Advanced Custom Fields: Extended for WordPress
CVE-2023-5292WordPressAdvanced Custom Fields...6.4MEDIUMMultiple Plugins from Addify - Multiple CSRF
CVE-2022-4888WordpressCheckout Fields Manager6.5MEDIUMWordPress Advanced Custom Fields / Advanced Custom Fields PRO plugins <= 6.1.5 vulnerable to Cross Site Scripting (XSS)
CVE-2023-30777WordPressAdvanced Custom Fields...๐พ๐กEPSS 88%6.1MEDIUMAdvanced Custom Fields - Contributor+ PHP Object Injection
CVE-2023-1196WordpressAdvanced Custom Fields...๐พ๐ก8.8HIGHAdvanced Custom Fields 5.0-5.12.2 - Unauthenticated File Upload
CVE-2022-2594WordpressAdvanced Custom Fields8.8HIGHAdvanced Custom Fields: Extended < 0.8.8.7 - Admin+ SQL Injection
CVE-2021-24865WordpressAdvanced Custom Fields...7.2HIGHAuthorization Flaw in Advanced Custom Fields Plugin for WordPress
CVE-2021-20867WordPressAdvanced Custom Fields...6.5MEDIUMAuthorization Vulnerability in Advanced Custom Fields by WordPress
CVE-2021-20866WordPressAdvanced Custom Fields...6.5MEDIUMAdvanced Custom Field Pro < 5.9.1 - Reflected Cross-Site Scripting (XSS)
CVE-2021-24241WordpressAdvanced Custom Fields...6.1MEDIUMXSS Vulnerability in Advanced Custom Fields Plugin for WordPress
CVE-2020-36172WordpressAdvanced Custom Fields6.1MEDIUMCross-Site Scripting Vulnerability in Advanced Custom Fields Plugin for WordPress
CVE-2018-20986WordpressAdvanced Custom Fields5.4MEDIUM