GHSA-3xc6-wgx8-2ffvCriticalCVSS 10.0
Improper Control of Generation of Code ('Code Injection') vulnerability in ACPT ACPT (Pro) -...
🔗 CVE IDs covered (1)
📋 Description
Improper Control of Generation of Code ('Code Injection') vulnerability in ACPT ACPT (Pro) - Custom Post Types Plugin for WordPress allows Remote Code Inclusion.
This issue affects ACPT (Pro) - Custom Post Types Plugin for WordPress: from n/a through 2.0.47.
🔗 References (3)
- https://nvd.nist.gov/vuln/detail/CVE-2026-25470
- https://patchstack.com/database/wordpress/plugin/advanced-custom-post-type/vulnerability/wordpress-acpt-pro-custom-post-types-plugin-for-wordpress-plugin-2-0-47-remote-code-execution-rce-vulnerability?_s_id=cve
- https://github.com/advisories/GHSA-3xc6-wgx8-2ffv