CVE-2023-22676 LOW

CVE-2023-22676: WordPress Advanced Custom Fields: Image Crop Add-on Plugin <= 1.4.12 is vulnerable to Broken Access Control

Vendor Anders Thorborg
Product Anders Thorborg
Weakness CWE-862 · Missing authorization
Published December 29, 2023
Last update April 28, 2026

CVSS base score

3.1/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N