来源

关联漏洞

描述

Advanced Custom Fields: Extended WordPress plugin 0.9.0.5 through 0.9.1.1 contains a remote code execution caused by unsafe use of call_user_func_array() in prepare_form() function, letting unauthenticated attackers execute arbitrary code remotely.

文件快照

 id: CVE-2025-13486

info:
  name: Advanced Custom Fields Extended < 0.9.2 - Remote Code Execution
  

...

备注