Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:8 p.m.7 views

CVE-2021-20865

Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in browsing database which may allow a user to browse unauthorized data via unspecified vectors...

7.5CVSS6.7AI score0.02462EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/04 12:0 a.m.20 views

WordPress Advanced Custom Fields PRO Plugin < 5.11 is vulnerable to Broken Access Control

Software Advanced Custom Fields PRO Type Plugin Vulnerable versions 5.11 Fixed in 5.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2021-20865 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 148c8b46d288 Credits Keitaro Yamazaki...

7.5CVSS7.5AI score0.02462EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/04 12:0 a.m.18 views

WordPress Advanced Custom Fields Plugin < 5.11 is vulnerable to Broken Access Control

Software Advanced Custom Fields Type Plugin Vulnerable versions 5.11 Fixed in 5.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2021-20865 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4a4b648ba0bb Credits Keitaro Yamazaki Required...

7.5CVSS7.5AI score0.02462EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2021/12/13 6:40 a.m.26 views

CVE-2021-20865

Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in browsing database which may allow a user to browse unauthorized data via unspecified vectors...

7.5AI score0.02462EPSS
Exploits0References3
CVE
CVE
added 2021/12/13 6:40 a.m.59 views

CVE-2021-20865

CVE-2021-20865 affects the WordPress plugins Advanced Custom Fields (ACF) and Advanced Custom Fields Pro, with vulnerable versions prior to 5.11. The root cause is a missing authorization in the database-browsing pathway, potentially allowing an attacker to access unauthorized data via unspecifie...

7.5CVSS7.3AI score0.02462EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/12/02 12:0 a.m.44 views

JVN#09136401: Multiple missing authorization vulnerabilities in WordPress Plugin "Advanced Custom Fields"

WordPress Plugin "Advanced Custom Fields" provided by Delicious Brains contains multiple missing authorization vulnerabilities listed below. Missing authorization related to database browsing CWE-862 - CVE-2021-20865 Version| Vector| Score ---|---|--- CVSS v3|...

7.5CVSS6.9AI score0.02462EPSS
Exploits0
Rows per page
Query Builder