Vendor

WP Engine

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-50041	WP Engine Gutenberg Blocks – ACF Blocks Suite	Med	0.42	6.5	0.00		Jun 20, 2025	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Engine Gutenberg Blocks – ACF Blocks Suite acf-blocks allows Stored XSS.This issue affects Gutenberg Blocks – ACF Blocks Suite: from n/a through <= 2.6.11.
CVE-2024-9529	WordPress Advanced Custom Fields Pro		0.00	—	0.00		Nov 15, 2024	The Secure Custom Fields WordPress plugin before 6.3.9, Secure Custom Fields WordPress plugin before 6.3.6.3, Advanced Custom Fields Pro WordPress plugin before 6.3.9 does not prevent users from running arbitrary functions through its setting import functionalities, which could…

CVE-2025-50041MedJun 20, 2025
WP Engine
Gutenberg Blocks – ACF Blocks Suite
risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Engine Gutenberg Blocks – ACF Blocks Suite acf-blocks allows Stored XSS.This issue affects Gutenberg Blocks – ACF Blocks Suite: from n/a through <= 2.6.11.
CVE-2024-9529Nov 15, 2024
WordPress
Advanced Custom Fields Pro
risk 0.00cvss —epss 0.00
The Secure Custom Fields WordPress plugin before 6.3.9, Secure Custom Fields WordPress plugin before 6.3.6.3, Advanced Custom Fields Pro WordPress plugin before 6.3.9 does not prevent users from running arbitrary functions through its setting import functionalities, which could…