2 matches found
WordPress Plugin 'Advanced Custom Fields' < 5.12.4, 6.x < 6.0.3 Custom Field Value Exposure
The WordPress application running on the remote host has a version of the 'Advanced Custom Fields' plugin that is prior to 5.12.4 or 6.x prior to 6.0.3. It is, therefore, affected by a custom field value exposure through parsed shortcode from user input vulnerability. Note that Nessus has not...
WordPress Advanced Custom Fields plugin 3.1.1 - 6.0.2 - Custom Field Value Exposure vulnerability
Custom Field Value Exposure Through Parsed Shortcode from User Input vulnerability discovered by Juan Hoffmann in WordPress Advanced Custom Fields plugin versions 3.1.1 - 6.0.2. Solution Update the WordPress Advanced Custom Fields plugin to the latest available version at least 6.0.3...