Vulnerabilities

Report: - Advanced Custom Fields: Extended <= 0.9.2.3 - unauthenticated arbitrary shortcod... CVE-2025-15463

2026-05-13 0 views admin

CVE ID :CVE-2025-15463 Published : May 12, 2026, 10:24 p.m. | 56 minutes ago Description :The The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.9.2.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-15463

Published

May 12, 2026

Affected Product: WordPress

🏷️ Tags

reportadvancedcustomfieldsextendedunauthenticatedarbitraryshortcod15463cve

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: - Advanced Custom Fields: Extended <= 0.9.2.3 - unauthenticated arbitrary shortcod... CVE-2025-15463

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Ultimate Guide: CVE-2026-8202 - Post-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators

Report: CVE-2026-8053 - FlatBSON Duplicate Field Index Drift - Expert Insights

Report: CVE-2026-8199 - Post-auth memory exhaustion via bitwise match expressions

Report: CVE-2026-8200 - Schema validation log messages may not redact user data - Complete Guide

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting