IDCVSSSummaryLast (major) updatePublished
CVE-2020-36172 4.3
The Advanced Custom Fields plugin before 5.8.12 for WordPress mishandles the escaping of strings in Select2 dropdowns, potentially leading to XSS.
08-01-2021 - 21:14 06-01-2021 - 15:15
CVE-2021-24241 4.3
The Advanced Custom Fields Pro WordPress plugin before 5.9.1 did not properly escape the generated update URL when outputting it in an attribute, leading to a reflected Cross-Site Scripting issue in the update settings page.
29-04-2021 - 20:51 22-04-2021 - 21:15
Back to Top Mark selected
Back to Top