Description
Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in moving the field group which may allow a user to move the unauthorized field group via unspecified vectors.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Delicious Brains | Advanced Custom Fields and Advanced Custom Fields Pro | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2021-8276 | Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in moving the field group which may allow a user to move the unauthorized field group via unspecified vectors. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jpcert
Published:
Updated: 2024-08-03T17:53:22.983Z
Reserved: 2020-12-17T00:00:00.000Z
Link: CVE-2021-20867
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-12-13T07:15:07.003
Modified: 2024-11-21T05:47:18.573
Link: CVE-2021-20867
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses