3 matches found
CVE-2025-26746
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in caalami Advanced Custom Fields: Link Picker Field acf-link-picker-field allows Reflected XSS.This issue affects Advanced Custom Fields: Link Picker Field: from n/a through = 1.2.8...
CVE-2025-26746 WordPress Advanced Custom Fields: Link Picker Field plugin <= 1.2.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in caalami Advanced Custom Fields: Link Picker Field acf-link-picker-field allows Reflected XSS.This issue affects Advanced Custom Fields: Link Picker Field: from n/a through = 1.2.8...
CVE-2025-26746
CVE-2025-26746 tracks a Reflected XSS in Advanced Custom Fields: Link Picker Field (affected: from n/a through 1.2.8). The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L) yields a base score of 7.1 ( HIGH ) with impact on confidentiality, integrity, and availability all rated as low. The at...