Hookturn: Security Vulnerabilities
The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_json_file() function in all versions up to, and including, 1.9.3.2. This makes it possible for unauthenticated attackers to export form settings.
CVSS Score
5.3
EPSS Score
0.004
Published
2024-02-05