CVE-2024-1121 Information

Description

The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_json_file() function in all versions up to and including 1.9.3.2. This makes it possible for unauthenticated attackers to export form settings.

Reference

https://www.wordfence.com/threat-intel/vulnerabilities/id/7b33f2ee-3f20-4494-bdae-3f8cc3c6dc73?source=cve https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3031007%40advanced-forms&new=3031007%40advanced-forms&sfp_email=&sfph_mail=