Lucene search
HistoryJan 08, 2024 - 10:15 p.m.
CVE-2022-40696
vulnerability
sensitive information
wp engine
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
5.7
Confidence
High
EPSS
0.001
Percentile
37.2%
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Engine Advanced Custom Fields (ACF).This issue affects Advanced Custom Fields (ACF): from 3.1.1 through 6.0.2.
Affected configurations
Node
advancedcustomfieldsadvanced_custom_fieldsRange3.1.1–6.0.2wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| advancedcustomfields | advanced_custom_fields | * | cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:*:wordpress:*:* |
Related
cvelist
cvelist
patchstack
patchstack
nessus
nessus
cve
cve
CVE-2022-40696
2024-01-08 22:15:44
openvas
openvas
prion
prion
Design/Logic Flaw
2024-01-08 22:15:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
5.7
Confidence
High
EPSS
0.001
Percentile
37.2%
Related for NVD:CVE-2022-40696