CVEs-PoC/2023/CVE-2023-7286.md at efebdd4f2d72a3494ec92163e9e88e00a3646b8a

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-06-03 21:18:06 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.2.2. This makes it possible for attackers without the edit_users capability to access metadata of other users, this includes contributor-level users and above.

POC

Reference

https://wpscan.com/vulnerability/3538e80e-c2c5-4e7b-97c3-b7debad7a136

Github

https://github.com/20142995/nuclei-templates
https://github.com/cyb3r-w0lf/nuclei-template-collection

943 B Raw Blame History

CVE-2023-7286

Description

POC

Reference

Github

943 B

Raw Blame History