Exposure of WP Engine
Hosting, PaaS19
exposure score
93,132
sites use
0
exploited
0
critical
CVEs
8 resultsCVE-2023-30777HIGHWordPress Advanced Custom Fields / Advanced Custom Fields PRO plugins <= 6.1.5 vulnerable to Cross Site Scripting (XSS)EPSS 38.8%CVE-2023-40068—Cross-site scripting vulnerability in Advanced Custom Fields versions 6.1.0 to 6.1.7 and Advanced Custom Fields Pro versions 6.1.0 to 6.1.7 EPSS 1.5%CVE-2022-40696LOWWordPress Advanced Custom Fields Plugin 3.1.1-6.0.2 is vulnerable to Sensitive Data ExposureEPSS 0.5%CVE-2024-45429MEDIUMCross-site scripting vulnerability exists in Advanced Custom Fields versions 6.3.5 and earlier and Advanced Custom Fields Pro versions 6.3.5EPSS 0.4%CVE-2026-49062HIGHWordPress Faust.js plugin <= 1.8.7 - Broken Authentication vulnerabilityEPSS 0.3%CVE-2023-24421MEDIUMWordPress PHP Compatibility Checker Plugin <= 1.5.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2025-50041MEDIUMWordPress Gutenberg Blocks – ACF Blocks Suite plugin <= 2.6.11 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.2%CVE-2026-49043MEDIUMWordPress WP Migrate Lite plugin <= 2.7.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →