WordPress Plugin Security Update Advisory (CVE-2025-13486)

Jan 08 2026

Overview

We have released a security update to address a vulnerability in our WordPress plugin. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-13486

Advanced Custom Fields: Extended Versions: 0.9.0.5 and later and 0.9.1.1 and earlier

Resolved Vulnerabilities

Remote code execution vulnerability in the Advanced Custom Fields: Extended plugin in WordPress (CVE-2025-13486)

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-13486

Advanced Custom Fields: Extended Version: 0.9.2

References

[1] Advanced Custom Fields: Extended 0.9.0.5 – 0.9.1.1 – Unauthenticated Remote Code Execution in prepare_form
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/acf-extended/advanced-cust..

WordPress Plugin Security Update Advisory (CVE-2025-13486)

Google Android Family January 2026 Routine Security Update Advisory

N8n Security Update Advisory (CVE-2026-21858)

Tags:

Google Android Family January 2026 Routine Security Update Advisory

N8n Security Update Advisory (CVE-2026-21858)