25 matches found
EUVD-2023-28477
Malicious code in bioql PyPI...
EUVD-2022-43967
Malicious code in bioql PyPI...
CVE-2025-50041
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Engine Gutenberg Blocks – ACF Blocks Suite acf-blocks allows Stored XSS.This issue affects Gutenberg Blocks – ACF Blocks Suite: from n/a through = 2.6.11...
CVE-2025-50041
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Engine Gutenberg Blocks – ACF Blocks Suite acf-blocks allows Stored XSS.This issue affects Gutenberg Blocks – ACF Blocks Suite: from n/a through = 2.6.11...
CVE-2023-24421
Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...
CVE-2023-30777
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WP Engine Advanced Custom Fields Pro, WP Engine Advanced Custom Fields plugins = 6.1.5 versions...
CVE-2022-40696
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Engine Advanced Custom Fields ACF.This issue affects Advanced Custom Fields ACF: from 3.1.1 through 6.0.2...
CVE-2024-49593
In Advanced Custom Fields ACF before 6.3.9 and Secure Custom Fields before 6.3.6.3 plugins for WordPress, using the Field Group editor to edit one of the plugin's fields can result in execution of a stored XSS payload. NOTE: if you wish to use the WP Engine alternative update mechanism for the fr...
CVE-2024-49593
CVE-2024-49593 affects the WordPress ecosystem via two plugins: Advanced Custom Fields (ACF) and Secure Custom Fields. The vulnerability is a stored XSS that can be triggered when editing a Field Group with the plugin editors, enabling execution of malicious payloads. Affected versions are ACF pr...
WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites
The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow logged-in users to access forms submitted by others on a site. Jetpack, owned by WordPress maker Automattic, is an all-in-one plugin that offers a comprehensive...
CVE-2022-40696
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Engine Advanced Custom Fields ACF.This issue affects Advanced Custom Fields ACF: from 3.1.1 through 6.0.2...
CVE-2022-40696
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Engine Advanced Custom Fields ACF.This issue affects Advanced Custom Fields ACF: from 3.1.1 through 6.0.2...
Design/Logic Flaw
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Engine Advanced Custom Fields ACF.This issue affects Advanced Custom Fields ACF: from 3.1.1 through 6.0.2...
CVE-2022-40696
CVE-2022-40696 affects WordPress plugin WP Engine Advanced Custom Fields (ACF): versions 3.1.1 through 6.0.2 are vulnerable to information disclosure. The underlying issue is described as a Custom Field Value Exposure via parsed shortcode from user input, leading to disclosure of sensitive data t...
CVE-2023-24421
Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...
CVE-2023-24421
Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...
CVE-2023-24421
CVE-2023-24421 refers to a Cross-Site Request Forgery (CSRF) vulnerability in the WP Engine PHP Compatibility Checker plugin, affected versions
VulnCheck KEV: CVE-2023-30777
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WP Engine Advanced Custom Fields Pro, WP Engine Advanced Custom Fields plugins = 6.1.5 versions...
CVE-2023-30777
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WP Engine Advanced Custom Fields Pro, WP Engine Advanced Custom Fields plugins = 6.1.5 versions...