Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:6 a.m.20 views

CVE-2023-6701

The Advanced Custom Fields ACF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a custom text field in all versions up to, and including, 6.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev...

6.4CVSS5.8AI score0.00523EPSS
Exploits0References1
Circl
Circl
added 2024/02/11 12:21 a.m.10 views

CVE-2023-6701

creationtimestamp| type| source ---|---|--- 2024-02-11 00:21:28+00:00| seen| https://t.me/ctinow/182670 2024-06-22 22:28:25+00:00| seen| https://t.me/cultofwire/1294...

6.4CVSS6.7AI score0.00523EPSS
Exploits0References2
CVE
CVE
added 2024/02/05 9:22 p.m.123 views

CVE-2023-6701

CVE-2023-6701 affects the WordPress plugin Advanced Custom Fields (ACF) , with a stored XSS vulnerability in a custom text field. Affected versions: all up to and including 6.2.4 . Root cause: insufficient input sanitization and output escaping. Exploitation requires authenticated access (contrib...

6.4CVSS5.2AI score0.00523EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/01/16 12:0 a.m.11 views

WordPress Advanced Custom Fields Plugin < 6.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Custom Fields Type Plugin Vulnerable versions 6.2.5 Fixed in 6.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-6701 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d7cb7ac0fa29 Credits Francesco Carlucci Required...

6.4CVSS6.4AI score0.00523EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder