[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxI05gmS1xweEkqRkGO0jpA6gsrqKZTHQ8qSrQe1VHlA":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2022-40696","advanced-custom-fields-authenticated-contributor-information-disclosure","Advanced Custom Fields \u003C= 6.0.2 - Authenticated (Contributor+) Information Disclosure","The Advanced Custom Fields plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 6.0.2. While the ACF shortcode ensures that the ACF data being accessed is valid data that has been entered into ACF fields, it may be possible with certain site configurations, that contributor-level users may extract sensitive user or configuration data.","advanced-custom-fields",null,"\u003C=6.0.2","6.0.3","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2022-10-18 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6b26093a-ffb8-4d22-add1-eecd94f88129?source=api-prod",462]