CVE-2025-14533
-
Critical ACF Extended bug lets attackers gain admin on about 50,000 WordPress sites
A flaw in ACF Extended allows unauthenticated attackers to gain administrator privileges. The bug, CVE-2025-14533, affects versions 0.9.2.1 and earlier. About 50,000 sites may still be exposed. Update to 0.9.2.2.
