Exposición de Advanced Custom Fields
WordPress plugins23
score de exposición
3759
sitios usan
0
en explotación
2
críticos
CVEs
8 resultadosCVE-2023-30777HIGHWordPress Advanced Custom Fields / Advanced Custom Fields PRO plugins <= 6.1.5 vulnerable to Cross Site Scripting (XSS)EPSS 38.8%CVE-2023-40068—Cross-site scripting vulnerability in Advanced Custom Fields versions 6.1.0 to 6.1.7 and Advanced Custom Fields Pro versions 6.1.0 to 6.1.7 EPSS 1.5%CVE-2022-23183—Missing authorization vulnerability in Advanced Custom Fields versions prior to 5.12.1 and Advanced Custom Fields Pro versions prior to 5.12EPSS 1.4%CVE-2022-2594—Advanced Custom Fields 5.0-5.12.2 - Unauthenticated File UploadEPSS 1.3%CVE-2026-21627CRITICALExtension - tassos.gr - SQL injection and Unauthenticated File Read in Novarain/Tassos Framework v4.10.14 – v6.0.37 for JoomlaEPSS 0.4%CVE-2024-45429MEDIUMCross-site scripting vulnerability exists in Advanced Custom Fields versions 6.3.5 and earlier and Advanced Custom Fields Pro versions 6.3.5EPSS 0.4%CVE-2026-48906CRITICALExtension - tassos.gr - Arbitrary File Deletion in Novarain/Tassos Framework < 6.1.0 for JoomlaEPSS 0.3%CVE-2025-54940MEDIUMAn HTML injection vulnerability exists in WordPress plugin "Advanced Custom Fields" prior to 6.4.3. If this vulnerability is exploited, crafEPSS 0.2%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →