WordPress Plugin Vulnerabilities
Advanced Custom Fields < 5.8.12 - Cross-Site Scripting in Select2 dropdowns
Description
The plugin did not correctly escape input from Select2 dropdowns, which could lead to Cross-Site Scripting issues
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Verified
No
WPVDB ID
Timeline
Publicly Published
2021-01-06 (about 3 years ago)
Added
2021-01-06 (about 3 years ago)
Last Updated
2021-01-09 (about 3 years ago)