CVE-2022-2594: Unrestricted File Upload in Advanced Custom Fields

Severity: 8.8 HIGH (NVD)
EPSS: 1.8% (top 17.19%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Aug 22; latest update Aug 23

Description

The Advanced Custom Fields WordPress plugin before 5.12.3 and the Advanced Custom Fields Pro WordPress plugin before 5.12.3 allow unauthenticated users to upload files of any type permitted by a default WordPress configuration (so PHP is not possible) when a frontend form is available. This vulnerability was introduced in the 5.0 rewrite and did not exist prior to that release.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages (3 packages)

| Source | Package | Introduced | Affected | |
| --- | --- | --- | --- | --- |
| CVEListV5 | todo/advanced_custom_fields | 5.0 | 5.0* | +1 |
| CVEListV5 | todo/advanced_custom_fields_pro | 5.0 | 5.0* | +1 |

Vulnerability Details (2)

GHSA: GHSA-m8hq-2c8m-w6cm: The Advanced Custom Fields WordPress plugin before 5 (2022-08-23)
CVEList: Advanced Custom Fields 5.0-5.12.2 - Unauthenticated File Upload (2022-08-22)
CVE-2022-2594 — Unrestricted File Upload | cvebase