CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Advancedcustomfields: >> Advanced Custom Fields >> 5.8.13 Security Vulnerabilities

CVE-2021-24241

The Advanced Custom Fields Pro WordPress plugin before 5.9.1 did not properly escape the generated update URL when outputting it in an attribute, leading to a reflected Cross-Site Scripting issue in the update settings page.

CVSS Score

6.1

EPSS Score

0.006

Published

2021-04-22

Page 2

Vulnerabilities

Vulnerable Software

Advancedcustomfields: >> Advanced Custom Fields >> 5.8.13 Security Vulnerabilities

Products

Pricing

Contact Us