Unrated severityNVD Advisory· Published Aug 21, 2023· Updated Oct 4, 2024
CVE-2023-40068
CVE-2023-40068
Description
Cross-site scripting vulnerability in Advanced Custom Fields versions 6.1.0 to 6.1.7 and Advanced Custom Fields Pro versions 6.1.0 to 6.1.7 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product with the administrative privilege.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: >=6.1.0, <=6.1.7
- WP Engine/Advanced Custom Fieldsv5Range: versions 6.1.0 to 6.1.7
- WP Engine/Advanced Custom Fields Prov5Range: versions 6.1.0 to 6.1.7
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.