CVE-2024-45429

CVE-2024-45429 is a cross-site scripting vulnerability in the WordPress plugins Advanced Custom Fields and Advanced Custom Fields Pro, affecting versions ≤ 6.3.5. The issue arises when an attacker who has the product’s configured capability privilege stores an arbitrary script in a field label, a...