Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown
CVE-2024-37251
Disclosure Date: December 16, 2024 (last updated December 18, 2024)
Cross-Site Request Forgery (CSRF) vulnerability in WPENGINE, INC. Advanced Custom Fields PRO.This issue affects Advanced Custom Fields PRO: from n/a before 6.3.2.
0
Attacker Value
Unknown
CVE-2024-37250
Disclosure Date: November 01, 2024 (last updated November 02, 2024)
Missing Authorization vulnerability in WPEngine Inc. Advanced Custom Fields PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Custom Fields PRO: from n/a through 6.3.1.
0
Attacker Value
Unknown
CVE-2024-37249
Disclosure Date: November 01, 2024 (last updated November 02, 2024)
Missing Authorization vulnerability in WPEngine Inc. Advanced Custom Fields PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Custom Fields PRO: from n/a through 6.3.1.
0
Attacker Value
Unknown
CVE-2024-34762
Disclosure Date: June 10, 2024 (last updated June 11, 2024)
Vulnerability discovered by executing a planned security audit.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPENGINE INC Advanced Custom Fields PRO allows PHP Local File Inclusion.This issue affects Advanced Custom Fields PRO: from n/a before 6.2.10.
0
Attacker Value
Unknown
CVE-2024-34761
Disclosure Date: June 10, 2024 (last updated June 11, 2024)
Vulnerability discovered by executing a planned security audit.
Improper Control of Generation of Code ('Code Injection') vulnerability in WPENGINE INC Advanced Custom Fields PRO allows Code Injection.This issue affects Advanced Custom Fields PRO: from n/a before 6.2.10.
0
Attacker Value
Unknown
CVE-2024-30225
Disclosure Date: March 28, 2024 (last updated January 05, 2025)
Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects WP Migrate: from n/a through 2.6.10.
0
