Wpengine Advanced Custom Fields (Acf®)
3 CVEs affecting Wpengine Advanced Custom Fields (Acf®). Latest disclosed: 2026-05-31. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-6701 | Medium | 6.4 | 2024-02-05 | The Advanced Custom Fields (ACF) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a custom text field in all versions up to, and including… |
CVE-2026-8382 | Medium | 5.3 | 2026-05-31 | The Advanced Custom Fields (ACF®) plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.8.1. This is due to the pl… |
CVE-2026-4812 | Medium | 5.3 | 2026-04-15 | The Advanced Custom Fields (ACF) plugin for WordPress is vulnerable to Missing Authorization to Arbitrary Post/Page Disclosure in versions up to and including… |