ACF Quick Edit Fields, 3538e80e-c2c5-4e7b-97c3-b7debad7a136

CVE, Research URL: 3538e80e-c2c5-4e7b-97c3-b7debad7a136
Home page URL: Security reports for ACF Quick Edit Fields
Application: ACF Quick Edit Fields
Published on: -
Research Description: ACF Quick Edit Fields [acf-quickedit-fields] < 3.2.3 ACF Quick Edit Fields < 3.2.3 - Contributor+ User Metadata Leak via IDOR The plugin does not restrict what user metadata created by the Advanced-Custom-Fields plugin should be accessible by a given user, enabling those without the `edit_users` capability to leak other users' custom metadata.
Affected versions: max 3.2.3.
Status: vulnerable