2 matches found
CVE-2024-49593
CVE-2024-49593 affects the WordPress ecosystem via two plugins: Advanced Custom Fields (ACF) and Secure Custom Fields. The vulnerability is a stored XSS that can be triggered when editing a Field Group with the plugin editors, enabling execution of malicious payloads. Affected versions are ACF pr...
PT-2024-33558 · WordPress · Advanced Custom Fields Pro +1
Name of the Vulnerable Software and Affected Versions: Advanced Custom Fields ACF versions prior to 6.3.9 Secure Custom Fields versions prior to 6.3.6.3 Description: The issue allows for the execution of a stored XSS payload when using the Field Group editor to edit one of the plugin's fields in...