Description
WordPress Plugin Advanced Custom Fields PRO is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Advanced Custom Fields PRO version 6.0.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 6.0.3 or latest
References
Related Vulnerabilities
Oracle HTTP Server CVE-2019-2751 Vulnerability (CVE-2019-2751)
Joomla CVE-2022-27911 Vulnerability (CVE-2022-27911)
WordPress Plugin Product Slider for WooCommerce by PickPlugins Cross-Site Scripting (1.13.41)
WordPress Plugin WP Symposium Arbitrary File Upload (14.11)
WordPress Plugin WordPress Email Template Designer-WP HTML Mail Cross-Site Scripting (3.0.9)