"-Synchronized-Data."

2025-07-29 05:56:59 +00:00 · 2024-10-17 05:00:30 +00:00 · 2024-10-17 05:00:30 +00:00 · 6777dd09d7
commit 6777dd09d7
parent f6118e12af
1 changed files with 65 additions and 6 deletions
--- a/2024/49xxx/CVE-2024-49593.json
+++ b/2024/49xxx/CVE-2024-49593.json
@ -1,17 +1,76 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
-        "ID": "CVE-2024-49593",
        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2024-49593",
+        "STATE": "PUBLIC"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "In Advanced Custom Fields (ACF) before 6.3.9 and Secure Custom Fields before 6.3.6.3 (plugins for WordPress), using the Field Group editor to edit one of the plugin's fields can result in execution of a stored XSS payload. NOTE: if you wish to use the WP Engine alternative update mechanism for the free version of ACF, then you can follow the process shown at the advancedcustomfields.com blog URL within the References section below."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://wordpress.org/plugins/advanced-custom-fields/#developers",
+                "refsource": "MISC",
+                "name": "https://wordpress.org/plugins/advanced-custom-fields/#developers"
+            },
+            {
+                "url": "https://www.advancedcustomfields.com/changelog/",
+                "refsource": "MISC",
+                "name": "https://www.advancedcustomfields.com/changelog/"
+            },
+            {
+                "url": "https://www.advancedcustomfields.com/blog/installing-and-upgrading-to-the-latest-version-of-acf/",
+                "refsource": "MISC",
+                "name": "https://www.advancedcustomfields.com/blog/installing-and-upgrading-to-the-latest-version-of-acf/"
+            },
+            {
+                "url": "https://x.com/wp_acf/status/1845190372764401908",
+                "refsource": "MISC",
+                "name": "https://x.com/wp_acf/status/1845190372764401908"
            }
        ]
    }