CVE-2025-54940
CVE-2025-54940
An HTML injection vulnerability exists in WordPress plugin "Advanced Custom Fields" prior to 6.4.3. If this vulnerability is exploited, crafted HTML code may be rendered and page display may be tampered.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
Productos afectados
WPEngine, Inc. · Advanced Custom Fields¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →