Advanced Custom Fields: Extended
cpe:2.3:a:acf-extended:advanced_custom_fields:extended:*:*:*:*:wordpress:*:*
- <= 0.9.2.1
A privilege escalation vulnerability has been identified in the Advanced Custom Fields: Extended plugin for WordPress, affecting all versions through 0.9.2.1. The issue arises because the 'insert_user' function does not properly restrict which roles users can assign during registration. This flaw allows unauthenticated attackers to register users with the 'administrator' role, thereby gaining admin access to the site. The vulnerability can only be exploited if the 'role' field is mapped to a custom field.
Exploitation of this vulnerability allows unauthenticated users to gain administrative privileges on the WordPress site.
To reproduce this vulnerability, an unauthenticated user must register a new account and assign the 'administrator' role during the registration process. This can be done by mapping the 'role' field to a custom field in the registration form, using the 'insert_user' action.
Users are advised to update the Advanced Custom Fields: Extended plugin to version 0.9.2.2 or later.
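The root cause described above is a registration path that writes whatever role the form supplies. The following is an added example of the server-side check a defender would expect in that path; it is not the plugin's own code, and every name in it (`example_sanitize_registration_role`, the `$form_allow` and `$privileged` lists, the sample form data) is assumed for illustration:

```php
<?php
// Added example, not code from Advanced Custom Fields: Extended.
// Decide which role a new registrant actually receives when a form maps a
// 'role' field to a custom field. Roles that carry elevated capabilities are
// never taken from an unauthenticated submission, regardless of what the
// form author allow-listed.

/**
 * @param string|null $requested   Role value taken from the submitted form.
 * @param string[]    $form_allow  Roles the form author lets registrants pick.
 * @param string      $default     Site default role (WordPress: get_option('default_role')).
 * @param bool        $can_promote Whether the acting user may assign roles
 *                                 (WordPress: current_user_can('promote_users')).
 * @param string[]    $privileged  Roles that must never come from an open form.
 * @return string     The role to pass to wp_insert_user().
 */
function example_sanitize_registration_role(
    $requested,
    array $form_allow,
    $default,
    $can_promote,
    array $privileged = array('administrator', 'editor')
) {
    if ($requested === null || $requested === '') {
        return $default;
    }
    if ($can_promote) {
        // A logged-in user who may already promote others keeps that ability.
        return $requested;
    }
    // Filter the allow-list itself so a misconfigured form cannot hand out admin.
    $safe_allow = array_values(array_diff($form_allow, $privileged));
    if (in_array($requested, $safe_allow, true)) {
        return $requested;
    }
    // Unknown or privileged role from an anonymous registrant: fall back.
    return $default;
}

// Constructed sample: an anonymous registrant submits role=administrator on a
// form whose author (mistakenly) allowed every role.
$posted = array('user_login' => 'newuser', 'role' => 'administrator');
$role   = example_sanitize_registration_role(
    $posted['role'], array('subscriber', 'administrator'), 'subscriber', false
);
echo $role, PHP_EOL; // subscriber
// The same call with $can_promote = true (an administrator using the form)
// would return 'administrator'; only then should it reach wp_insert_user().
```

The sanitized value is what gets placed in the `role` key of the array handed to `wp_insert_user()`; the raw form value should never reach it directly.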