4 matches found
CVE-2023-6701
The Advanced Custom Fields ACF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a custom text field in all versions up to, and including, 6.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev...
CVE-2023-6701
creationtimestamp| type| source ---|---|--- 2024-02-11 00:21:28+00:00| seen| https://t.me/ctinow/182670 2024-06-22 22:28:25+00:00| seen| https://t.me/cultofwire/1294...
CVE-2023-6701
CVE-2023-6701 affects the WordPress plugin Advanced Custom Fields (ACF) , with a stored XSS vulnerability in a custom text field. Affected versions: all up to and including 6.2.4 . Root cause: insufficient input sanitization and output escaping. Exploitation requires authenticated access (contrib...
WordPress Advanced Custom Fields Plugin < 6.2.5 is vulnerable to Cross Site Scripting (XSS)
Software Advanced Custom Fields Type Plugin Vulnerable versions 6.2.5 Fixed in 6.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-6701 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d7cb7ac0fa29 Credits Francesco Carlucci Required...