CVE-2025-13486 | Advanced Custom Fields Plugin up to 0.9.1.1 on WordPress prepare_form Remote Code Execution

Inserito da Angelo Barbosa | Dic 2, 2025 | CVE

A vulnerability described as critical has been identified in Advanced Custom Fields Plugin up to 0.9.1.1 on WordPress. Affected by this vulnerability is the function prepare_form. Such manipulation leads to Remote Code Execution.

This vulnerability is documented as CVE-2025-13486. The attack can be executed remotely. There is not any exploit available.

CVE-2025-13486 | Advanced Custom Fields Plugin up to 0.9.1.1 on WordPress prepare_form Remote Code Execution

Post correlati

CVE-2025-8992 | mtons mblog up to 3.5.0 cross-site request forgery (ICPMGP)

CVE-2024-56321 | GoCD up to 24.4.0 Backup Configuration input validation

CVE-2025-6305 | code-projects Online Shoe Store 1.0 /admin/admin_feature.php product_code sql injection

CVE-2024-12805 | SonicWALL SonicOS Management format string (SNWLID-2025-0004)