WordPress · Acf Quick Edit Fields · CVE-2023-7286
**Name of the Vulnerable Software and Affected Versions**
ACF Quick Edit Fields for WordPress versions up to, and including, 3.2.2
**Description**
The issue allows attackers without the `edit users` capability to access metadata of other users, including contributor-level users and above, due to Insecure Direct Object Reference.
**Recommendations**
For versions up to, and including, 3.2.2, update to a version higher than 3.2.2 to resolve the issue.