The Advanced Custom Fields plugin prior to 5.8.12 for WordPress mishandles the escaping of strings in Select2 dropdowns, potentially leading to XSS.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
advancedcustomfields advanced custom fields |