WordPress vulnerability database
Security programs Bounty leaderboard API Protect
Report
🎉 Check out our updated Community and new Developer plans!
Advanced Custom Fields Logo

Advanced Custom Fields

Plugin

Changelog

Claim

VDP

Developer

WP Engine

Current version

6.2.4

Installations

2,000,000

Last updated

1 week ago

Vulnerability history

0 present
12 patched

Authenticated Stored CrossSite Scripting vulnerability 6.1-6.1.7

5.9

3 August, 2023

Reflected Cross Site Scripting (XSS) vulnerability 5.8.10-5.12.5

7.1

5 May, 2023

Contributor+ PHP Object Injection vulnerability < 5.12.5

4.9

2 May, 2023

Authenticated (Contributor+) PHP Object Injection vulnerability <= 6.0.7

8.5

4 April, 2023

6.0.2 Custom Field Value Exposure vulnerability 3.1.1-6.0.2

3.7

18 October, 2022

Solutions

WordPress security Vulnerability database Vulnerability API Bug bounty program Plugin auditing Active security programs NEW

WordPress security

Pricing & features For care plans For hosts For plugin developers NEW Documentation

Patchstack

About us Careers Media Kit Articles & insight Whitepaper 2022

Social

DPA Privacy Policy Terms & Conditions © 2023 Patchstack

Solutions

WordPress security Vulnerability database Vulnerability API Bug bounty program Plugin auditing Active security programs NEW

WordPress security

Pricing & features For care plans For hosts For plugin developers NEW Documentation

Patchstack

About us Careers Media Kit Articles & insight Whitepaper 2022

Social

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close