Critical WordPress Plugin Vulnerability Unleashed; Exploits Already Underway

Website security and monitoring platform Patchstack has recently disclosed a significant vulnerability in Advanced Custom Fields, a popular WordPress plugin. The flaw was made public on May 5 and came equipped with a Proof of Concept (PoC) exploit, highlighting the severity of the issue. The vulnerability, tracked as CVE-2023-30777 [], is a critical reflected cross-site scripting (XSS) flaw that lets unauthenticated attackers steal se
文 » A