Lucene search
+L

4 matches found

Patchstack
Patchstack
added 2024/10/04 12:0 a.m.15 views

WordPress Advanced Custom Fields PRO Plugin < 5.11 is vulnerable to Broken Access Control

Software Advanced Custom Fields PRO Type Plugin Vulnerable versions 5.11 Fixed in 5.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2021-20866 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 36e7531caa36 Credits Keitaro Yamazaki...

6.5CVSS6.4AI score0.01662EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/04 12:0 a.m.23 views

WordPress Advanced Custom Fields Plugin < 5.11 is vulnerable to Broken Access Control

Software Advanced Custom Fields Type Plugin Vulnerable versions 5.11 Fixed in 5.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2021-20866 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3c61745fb42a Credits Keitaro Yamazaki Required...

6.5CVSS6.4AI score0.01662EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2021/12/13 6:40 a.m.77 views

CVE-2021-20866

The CVE-2021-20866 vulnerability affects Advanced Custom Fields (ACF) and ACF Pro prior to version 5.11. The issue is a missing authorization in obtaining the user list, leading to potential information disclosure of unauthorized user data via unspecified vectors. Public sources in Patchstack ind...

6.5CVSS6.2AI score0.01662EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/12/02 12:0 a.m.44 views

JVN#09136401: Multiple missing authorization vulnerabilities in WordPress Plugin "Advanced Custom Fields"

WordPress Plugin "Advanced Custom Fields" provided by Delicious Brains contains multiple missing authorization vulnerabilities listed below. Missing authorization related to database browsing CWE-862 - CVE-2021-20865 Version| Vector| Score ---|---|--- CVSS v3|...

7.5CVSS6.9AI score0.02462EPSS
Exploits0
Rows per page
Query Builder