Vulnerabilities > CVE-2022-23183 - Missing Authorization vulnerability in Advancedcustomfields Advanced Custom Fields

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
advancedcustomfields
CWE-862

Summary

Missing authorization vulnerability in Advanced Custom Fields versions prior to 5.12.1 and Advanced Custom Fields Pro versions prior to 5.12.1 allows a remote authenticated attacker to view the information on the database without the access permission.

Common Weakness Enumeration (CWE)