Security Advisory

CVE-2025-54940

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-08 04:34:02

Last updated 2025-08-08 16:11:14

Assigner jpcert

State PUBLISHED

Description

An HTML injection vulnerability exists in WordPress plugin "Advanced Custom Fields" prior to 6.4.3. If this vulnerability is exploited, crafted HTML code may be rendered and page display may be tampered.

← Browse all CVEs View on cve.org ↗