CVE-2021-20865
Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in browsing database which may allow a user to browse unauthorized data via unspecified vectors.
Date published : 2021-12-13
https://jvn.jp/en/jp/JVN09136401/index.html