Analyzed
5 days
ago.
based on code collected
5 days
ago.
Major Versions
click and drag to zoom
Security Vulnerabilities for Version:
Severities:
Type
|
Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
|---|---|---|---|---|---|
| CVE-2024-9529 | BDSA-2024-8844 | Medium | Nov 15, 2024 | The Secure Custom Fields WordPress plugin before 6.3.9, Secure Custom Fields WordPress plugin before 6.3.6.3, Advanced Custom Fields Pro WordPress plug more... |
1.0.2, 1.0.3, 1.0.5, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 2.0.1, 2.0.2
|
| CVE-2024-4565 | Medium | Jun 20, 2024 | The Advanced Custom Fields (ACF) WordPress plugin before 6.3, Advanced Custom Fields Pro WordPress plugin before 6.3 allows you to display custom field more... |
1.0.2, 1.0.3, 1.0.5, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 2.0.1, 2.0.2
|
|
| CVE-2023-6701 | Medium | Feb 05, 2024 | The Advanced Custom Fields (ACF) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a custom text field in all versions up to, and i more... |
1.0.2, 1.0.3, 1.0.5, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 2.0.1, 2.0.2
|
|
| CVE-2023-30777 | Medium | May 10, 2023 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Engine Advanced Custom Fields Pro, WP Engine Advanced Custom Fields plugins <= 6.1.5 v more... |
1.0.2, 1.0.3, 1.0.5, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 2.0.1, 2.0.2
|
|
| CVE-2022-23183 | Medium | Mar 31, 2022 | Missing authorization vulnerability in Advanced Custom Fields versions prior to 5.12.1 and Advanced Custom Fields Pro versions prior to 5.12.1 allows a more... |
1.0.2, 1.0.3, 1.0.5, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 2.0.1, 2.0.2
|
|
| CVE-2021-24241 | Medium | Apr 22, 2021 | The Advanced Custom Fields Pro WordPress plugin before 5.9.1 did not properly escape the generated update URL when outputting it in an attribute, leadi more... |
1.0.2, 1.0.3, 1.0.5, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 2.0.1, 2.0.2
|
|
| CVE-2021-20867 | Medium | Dec 13, 2021 | Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in mo more... |
1.0.2, 1.0.3, 1.0.5, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 2.0.1, 2.0.2
|
|
| CVE-2021-20866 | Medium | Dec 13, 2021 | Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in ob more... |
1.0.2, 1.0.3, 1.0.5, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 2.0.1, 2.0.2
|
|
| CVE-2021-20865 | High | Dec 13, 2021 | Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in br more... |
1.0.2, 1.0.3, 1.0.5, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 2.0.1, 2.0.2
|
|
| CVE-2020-36172 | BDSA-2020-4019 | Medium | Jan 06, 2021 | The Advanced Custom Fields plugin before 5.8.12 for WordPress mishandles the escaping of strings in Select2 dropdowns, potentially leading to XSS. |
1.0.2, 1.0.3, 1.0.5, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 2.0.1, 2.0.2
|
