WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks
![](https://search.ai.wiki/wp-content/uploads/2023/05/wordpress-advanced-custom-fields-plugin-xss-exposes-2m-sites-to-attacks.jpg)
A reflected cross-site scripting vulnerability is the Advanced Custom Fields plugin for WordPress exposed over 2 million sites to hacking.
Assetnote researchers discovered a reflected cross-site scripting vulnerability, tracked as CVE-2023-29489 (CVSS score: 6.1), in the Advanced Custom Fields plugin …