Missing Authorization Vulnerability in Advanced Custom Fields (ACF) and ACF Pro versions prior to 5.11

Missing Authorization Vulnerability in Advanced Custom Fields (ACF) and ACF Pro versions prior to 5.11

CVE-2021-20865 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in browsing database which may allow a user to browse unauthorized data via unspecified vectors.

Learn more about our User Device Pen Test.