Lucene search
WPScanVULNRICHMENT:CVE-2024-4565HistoryJun 20, 2024 - 6:00 a.m.
CVE-2024-4565 Advanced Custom Fields < 6.3 - Contributor+ Custom Field Access
2024-06-2006:00:02
WPScan
github.com
wordpress
custom fields
unauthorized access
The Advanced Custom Fields (ACF) WordPress plugin before 6.3, Advanced Custom Fields Pro WordPress plugin before 6.3 allows you to display custom field values for any post via shortcode without checking for the correct access
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:wpengine:advanced_custom_field_pro:*:*:*:*:*:*:*:*"
],
"vendor": "wpengine",
"product": "advanced_custom_field_pro",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "6.3",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:wpengine:advanced_custom_fields:*:*:*:*:*:*:*:*"
],
"vendor": "wpengine",
"product": "advanced_custom_fields",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "6.3",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
nvd
nvd
CVE-2024-4565
2024-06-20 06:15:09
wpexploit
wpexploit
Advanced Custom Fields < 6.3 - Contributor+ Custom Field Access
2024-05-30 00:00:00
cve
cve
CVE-2024-4565
2024-06-20 06:15:09
wpvulndb
wpvulndb
Advanced Custom Fields < 6.3 - Contributor+ Custom Field Access
2024-05-30 00:00:00
cvelist
cvelist
wordfence
wordfence
AI Score
6.8
Confidence
High
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-4565