3 matches found
CVE-2025-12937
The ACF Flexible Layouts Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'acfflmupdatetemplatewithpastedlayout' function in all versions up to, and including, 1.1.6. This makes it possible for unauthenticated attackers to...
CVE-2025-12937 ACF Flexible Layouts Manager <= 1.1.6 - Missing Authorization to Unauthenticated Custom Field Update
The ACF Flexible Layouts Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'acfflmupdatetemplatewithpastedlayout' function in all versions up to, and including, 1.1.6. This makes it possible for unauthenticated attackers to...
CVE-2025-12937 ACF Flexible Layouts Manager <= 1.1.6 - Missing Authorization to Unauthenticated Custom Field Update
The ACF Flexible Layouts Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'acfflmupdatetemplatewithpastedlayout' function in all versions up to, and including, 1.1.6. This makes it possible for unauthenticated attackers to...