Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Patchstack
Patchstackadded 2026/02/03 9:13 p.m.4 views

WordPress ACF Quick Edit Fields plugin <= 3.2.2 - Authenticated (Contributor+) Insecure Direct Object Reference vulnerability

Authenticated Contributor+ Insecure Direct Object Reference vulnerability discovered by Chris Grello in WordPress Plugin ACF Quick Edit Fields versions = 3.2.2...

6.5CVSS5.3AI score0.01047EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-59666

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.01047EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2024/10/16 7:15 a.m.1 views

CVE-2023-7286

The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.2.2. This makes it possible for attackers without the editusers capability to access metadata of other users, this includes contributor-level users and above...

6.5CVSS5.4AI score0.01047EPSS
Exploits0References4
NVD
NVDadded 2024/10/16 7:15 a.m.21 views

CVE-2023-7286

The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.2.2. This makes it possible for attackers without the editusers capability to access metadata of other users, this includes contributor-level users and above...

6.5CVSS0.01047EPSS
Exploits0References3
CVE
CVEadded 2024/10/16 6:43 a.m.39 views

CVE-2023-7286

The WordPress plugin ACF Quick Edit Fields (≤ 3.2.2) is affected by an Insecure Direct Object Reference issue that allows authenticated users with Contributor+ privileges to access metadata of other users without the edit_users capability. Root cause: insecure access to user metadata via the plug...

6.5CVSS6.3AI score0.01047EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2024/10/16 6:43 a.m.12 views

CVE-2023-7286 ACF Quick Edit Fields <= 3.2.2 - Authenticated (Contributor+) Insecure Direct Object Reference

The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.2.2. This makes it possible for attackers without the editusers capability to access metadata of other users, this includes contributor-level users and above...

6.5CVSS6.9AI score0.01047EPSS
Exploits0References3
Cvelist
Cvelistadded 2024/10/16 6:43 a.m.23 views

CVE-2023-7286 ACF Quick Edit Fields <= 3.2.2 - Authenticated (Contributor+) Insecure Direct Object Reference

The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.2.2. This makes it possible for attackers without the editusers capability to access metadata of other users, this includes contributor-level users and above...

6.5CVSS0.01047EPSS
Exploits0References3
Rows per page
Query Builder