Advancedcustomfields: >> Advanced Custom Fields >> 6.0.5 Security Vulnerabilities
The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5.12.5 unserialize user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-05-02