Keitaro Yamazaki

Researcher fromIerae Security, Inc
#8118of 53,635
33.8Total CVSS
Vulnerabilities · 5
Medium
4
High
1
PT-2022-15903
6.5
2022-03-31
Unknown · Advanced Custom Fields Pro · CVE-2022-23183
**Name of the Vulnerable Software and Affected Versions** Advanced Custom Fields versions prior to 5.12.1 Advanced Custom Fields Pro versions prior to 5.12.1 **Description** A missing authorization issue allows a remote authenticated attacker to view database information without proper access permission. This enables unauthorized access to sensitive data. **Recommendations** For Advanced Custom Fields versions prior to 5.12.1, update to version 5.12.1 or later to resolve the issue. For Advanced Custom Fields Pro versions prior to 5.12.1, update to version 5.12.1 or later to resolve the issue.
PT-2021-14308
7.5
2021-12-13
Unknown · Advanced Custom Fields Pro · CVE-2021-20865
Name of the Vulnerable Software and Affected Versions: Advanced Custom Fields versions prior to 5.11 Advanced Custom Fields Pro versions prior to 5.11 Description: The issue concerns a missing authorization vulnerability in the browsing database. This may allow a user to browse unauthorized data via unspecified vectors. Recommendations: For Advanced Custom Fields versions prior to 5.11, update to version 5.11 or later. For Advanced Custom Fields Pro versions prior to 5.11, update to version 5.11 or later.
PT-2021-14309
6.5
2021-12-13
Unknown · Advanced Custom Fields Pro · CVE-2021-20866
Name of the Vulnerable Software and Affected Versions: Advanced Custom Fields versions prior to 5.11 Advanced Custom Fields Pro versions prior to 5.11 Description: The issue concerns a missing authorization vulnerability in obtaining the user list. This may allow a user to obtain unauthorized information via unspecified vectors. Recommendations: For Advanced Custom Fields versions prior to 5.11, update to version 5.11 or later. For Advanced Custom Fields Pro versions prior to 5.11, update to version 5.11 or later.
PT-2021-14310
6.5
2021-12-13
Unknown · Advanced Custom Fields Pro · CVE-2021-20867
Name of the Vulnerable Software and Affected Versions: Advanced Custom Fields versions prior to 5.11 Advanced Custom Fields Pro versions prior to 5.11 Description: The issue concerns a missing authorization vulnerability in moving the field group. This may allow a user to move an unauthorized field group via unspecified vectors. Recommendations: For Advanced Custom Fields versions prior to 5.11, update to version 5.11 or later. For Advanced Custom Fields Pro versions prior to 5.11, update to version 5.11 or later.
PT-2017-15287
6.8
2017-07-07
Marp · Marp · CVE-2017-2239
**Name of the Vulnerable Software and Affected Versions** Marp versions v0.0.10 and earlier **Description** The issue may allow an attacker to access local resources and files using JavaScript. **Recommendations** For Marp versions v0.0.10 and earlier, update to a version later than v0.0.10 to resolve the issue.