CVE-2024-4565

Published: Jun 20, 2024Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

The Advanced Custom Fields (ACF) WordPress plugin before 6.3, Advanced Custom Fields Pro WordPress plugin before 6.3 allows you to display custom field values for any post via shortcode without checking for the correct access

Affected (2)

Products: Advancedcustomfields: Advanced Custom Fields

Advancedcustomfields

1 product

Advanced Custom Fields

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Advancedcustomfields Advanced Custom Fields	Before 6.3
Advancedcustomfields Advanced Custom Fields	Before 6.3

References (2)

https://wpscan.com/vulnerability/430224c4-d6e3-4ca8-b1bc-b2229a9bcf12/

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/430224c4-d6e3-4ca8-b1bc-b2229a9bcf12/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.