CVE-2026-3243 | danbilabs Advanced Members for ACF Plugin up to 1.2.5 on WordPress Path Validation create_crop path traversal

Inserito da Angelo Barbosa | Apr 8, 2026 | CVE

A vulnerability classified as critical has been found in danbilabs Advanced Members for ACF Plugin up to 1.2.5 on WordPress. This affects the function create_crop of the component Path Validation Handler. This manipulation causes path traversal.

This vulnerability is registered as CVE-2026-3243. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-3243 | danbilabs Advanced Members for ACF Plugin up to 1.2.5 on WordPress Path Validation create_crop path traversal

Post correlati

CVE-2023-36012 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 DHCP Server Service information disclosure

CVE-2024-9931 | Wux Blog Editor Plugin up to 3.0.0 on WordPress improper authentication

CVE-2024-6009 | itsourcecode Event Calendar 1.0 process.php regConfirm/regDelete userId sql injection

CVE-2024-33698 | Siemens SIMATIC Information Server 2022 UMC heap-based overflow (ssa-039007)