PT-2024-27414 · Unknown · Advanced Custom Fields Pro

Rafie Muhammad · Published 2024-11-01 · Updated 2024-11-01 · CVE-2024-37250

CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Advanced Custom Fields PRO versions prior to 6.3.1

Description: The issue is a Missing Authorization vulnerability in Advanced Custom Fields PRO that allows the exploitation of incorrectly configured access control security levels.

Recommendations: For versions prior to 6.3.1, update to version 6.3.1 or later to resolve the issue. As a temporary workaround, consider reviewing and restricting access control configurations to minimize the risk of exploitation.

Fix

Missing Authorization

Weakness Enumeration

Related Identifiers: CVE-2024-37250

Affected Products: Advanced Custom Fields Pro