What this page helps you verify fast
This hub clusters every indexed record for Advanced Forms for ACF so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.
Review known vulnerability records for the WordPress plugin Advanced Forms for ACF (`advanced-forms`), including severity, CVE references, affected versions, and patch status.
Recent tracked CVEs on this page include CVE-2024-1121 and CVE-2021-24892, so operators can jump from disclosure to patch validation without scanning the full feed first.
This hub clusters every indexed record for Advanced Forms for ACF so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.
These recent records surface the CVE strings, patch cues, and direct report links most operators need first.
The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_json_file() function in all versions up to, and i...
Insecure Direct Object Reference in edit function of Advanced Forms (Free & Pro) before 1.6.9 allows authenticated remote attacker to change arbitrary user's email address and request for re...
Sorted by latest disclosure date so newly published issues surface first.
The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_json_file() function in all versions up to, and including, 1.9.3.2. This makes it possible for unauthenticated attackers to export form set...
Insecure Direct Object Reference in edit function of Advanced Forms (Free & Pro) before 1.6.9 allows authenticated remote attacker to change arbitrary user's email address and request for reset password, which could lead to take over of WordPress's administrator account. To explo...