Vulnerabilities and security researches forbeebee-mini beebee-mini

Jun 07, 2024

CVE, Research URL: CVE-2022-2594
Home page URL: Security reports for Beebee Mini
Application: Beebee Mini
Date: Aug 22, 2022
Research Description: The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced in the 5.0 rewrite and did not exist prior to that release.
Affected versions: Min -, max -.
Status: vulnerable