VYPR

Advanced Custom Fields PRO

by WPENGINE, INC.

CVEs (3)

  • CVE-2024-34762CriJun 10, 2024
    risk 0.64cvss 9.9epss 0.01

    Vulnerability discovered by executing a planned security audit. Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPENGINE INC Advanced Custom Fields PRO allows PHP Local File Inclusion.This issue affects Advanced Custom Fields PRO:…

  • CVE-2024-37250MedNov 1, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in WPEngine Inc. Advanced Custom Fields PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Custom Fields PRO: from n/a through 6.3.1.

  • CVE-2024-37251MedDec 16, 2024
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in WPENGINE, INC. Advanced Custom Fields PRO.This issue affects Advanced Custom Fields PRO: from n/a before 6.3.2.