Browse all 6 CVE security advisories affecting WP Engine. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-50041 | WordPress Gutenberg Blocks – ACF Blocks Suite plugin <= 2.6.11 - Cross Site Scripting (XSS) Vulnerability — Gutenberg Blocks – ACF Blocks SuiteCWE-79 | 6.5 | Medium | 2025-06-20 |
| CVE-2024-45429 | WordPress plugin Advanced Custom Fields和WordPress plugin Advanced Custom Fields Pro 安全漏洞 — Advanced Custom Fields | 5.4AI | MediumAI | 2024-09-04 |
| CVE-2022-40696 | WordPress Advanced Custom Fields Plugin 3.1.1-6.0.2 is vulnerable to Sensitive Data Exposure — Advanced Custom Fields (ACF)CWE-200 | 3.7 | Low | 2024-01-08 |
| CVE-2023-40068 | WordPress plugin Advanced Custom Fields 跨站脚本漏洞 — Advanced Custom Fields | 5.4 | - | 2023-08-21 |
| CVE-2023-24421 | WordPress PHP Compatibility Checker Plugin <= 1.5.2 is vulnerable to Cross Site Request Forgery (CSRF) — PHP Compatibility CheckerCWE-352 | 5.4 | Medium | 2023-07-11 |
| CVE-2023-30777 | WordPress Advanced Custom Fields / Advanced Custom Fields PRO plugins <= 6.1.5 vulnerable to Cross Site Scripting (XSS) — Advanced Custom Fields ProCWE-79 | 7.1 | High | 2023-05-10 |
This page lists every published CVE security advisory associated with WP Engine. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.