Really Simple Security logo

Log out
Get PRO

Advanced Custom Fields Pro

This information is sourced from wpvulnerabilities.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Submit

Vulnerabilities

  • Input validation vulnerability in Advanced Custom Fields Pro 6.3.1

    Fixed

    The Advanced Custom Fields Pro plugin for WordPress has a security issue that makes it vulnerable to unauthorized actions by attackers. This can happen if a site administrator is tricked into clickin...

    Read More

  • Access violation vulnerability in Advanced Custom Fields Pro 6.3.1

    Fixed

    The Advanced Custom Fields Pro plugin for WordPress has a security issue that allows unauthorized access to the plugin. This vulnerability exists in all versions up to 6.3.1, which means that even th...

    Read More

  • Access violation vulnerability in Advanced Custom Fields Pro 6.3.1

    Fixed

    The Advanced Custom Fields Pro plugin for WordPress has a security issue that allows unauthorized people to access it. This is because the plugin does not check for certain permissions before perform...

    Read More

  • Input validation vulnerability in Advanced Custom Fields 6.3.6.2

    Fixed

    The plugins Advanced Custom Fields and Secure Custom Fields for WordPress have a security vulnerability that allows attackers to inject harmful scripts into pages. This can only happen if the attacke...

    Read More

  • Input validation vulnerability in Advanced Custom Fields (ACF) 6.3.6

    Fixed

    A security vulnerability has been identified in the Advanced Custom Fields plugin for WordPress versions up to 6.3.7, which may allow unauthorized access and manipulation of custom post types by aut...

    Read More

  • Input validation vulnerability in Advanced Custom Fields 6.3.5

    Fixed

    The Advanced Custom Fields plugin for WordPress has a security flaw that allows attackers to insert harmful scripts into pages. This can happen because the plugin does not properly clean and protect ...

    Read More

  • Input validation vulnerability in Advanced Custom Fields Pro 6.2.9

    Fixed

    The Advanced Custom Fields Pro plugin for WordPress has a security issue called Local File Inclusion. This means that people who have Contributor-level access or higher can include and run any files ...

    Read More

  • Input validation vulnerability in Advanced Custom Fields Pro 6.2.9

    Fixed

    The Advanced Custom Fields Pro plugin for WordPress has a security issue that allows attackers who are logged in with contributor-level access or higher to inject and run their own code on the server...

    Read More

  • Access violation vulnerability in Advanced Custom Fields (ACF) 6.2.10

    Fixed

    The ACF plugin for WordPress has a security issue where anyone can access custom fields without proper restrictions. This means that attackers with Contributor-level access or higher can potentially ...

    Read More

  • Input validation vulnerability in Advanced Custom Fields (ACF) 6.2.4

    Fixed

    The Advanced Custom Fields plugin used for WordPress has a security issue that can allow hackers to inject harmful code into a website. This can happen through a custom text field and affects all ver...

    Read More

  • Input validation vulnerability in Advanced Custom Fields Pro 6.1.7

    Fixed

    The Advanced Custom Fields PRO plugin for WordPress is insecure in versions 6.1 through 6.1.7. This means that if someone with administrator-level permissions or higher attempts to add certain inform...

    Read More

  • Access violation vulnerability in Advanced Custom Fields (ACF) 5.11

    Fixed

    Some versions of Advanced Custom Fields and Advanced Custom Fields Pro

    Read More

  • Input validation vulnerability in Advanced Custom Fields (ACF) 5.12.5

    Fixed

    The Advanced Custom Fields plugin for WordPress is not secure enough in versions 6.1.5 and below. This means that unauthenticated attackers can put malicious code on webpages

    Read More

  • Access violation vulnerability in Advanced Custom Fields (ACF) 5.11

    Fixed

    Some versions of Advanced Custom Fields and Advanced Custom Fields Pro have a security issue that could allow someone to see information they aren't supposed to have access to.

    Read More

  • Access violation vulnerability in Advanced Custom Fields (ACF) 5.11

    Fixed

    Advanced Custom Fields and Advanced Custom Fields Pro software versions before 5.11 could have a security issue that allowed users to move a field group without the right authorization. It's not clear...

    Read More

  • Access violation vulnerability in Advanced Custom Fields (ACF) 5.12.1

    Fixed

    The Advanced Custom Fields plugin for WordPress has a security flaw in versions up to 5.12 which allows people with editor access

    Read More

  • Input validation vulnerability in Advanced Custom Fields Pro 5.9.1

    Fixed

    The Advanced Custom Fields Pro WordPress plugin had a security issue that allowed malicious code to be placed in the update settings page. This issue was fixed in version 5.9.1 of the plugin.

    Read More