Security for everyone

CVE-2020-13700 Scanner

Detects 'Insecure Direct Object References (IDOR)' vulnerability in acf-to-rest-api plugin for Wordpress affects v. through 3.1.0.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one


Parent Category

CVE-2020-13700 Scanner Detail

The acf-to-rest-api plugin is a popular add-on for Wordpress that allows website owners to easily expose their Advanced Custom Fields (ACF) data via the REST API. This makes it easy for developers to query and work with custom fields in their applications without the need for complex SQL queries or custom code. With this plugin, website owners can easily extend the functionality of their Wordpress site and offer a more personalized, sophisticated user experience.

CVE-2020-13700 is a recently discovered vulnerability in the acf-to-rest-api plugin, which allows an attacker to exploit an insecure direct object reference via permalinks manipulation. This vulnerability can result in unauthorized access to sensitive data, such as login and password values, which can be found in the wp_options table. This security flaw can be dangerous, as it allows attackers to gain access to private information and potentially compromise the entire website.

If exploited, the vulnerability CVE-2020-13700 can lead to a number of negative outcomes, including data theft, unauthorized access to sensitive information, and even website downtime due to damage caused by a cyber-attack. Such incidents can be incredibly damaging for businesses and website owners, leading to loss of revenue, tarnished reputations, and other potentially long-term effects.

At, we offer a powerful platform that provides in-depth analysis of digital assets and identifies vulnerabilities in real-time using advanced technologies like machine learning. With our pro features, you can easily and quickly learn about vulnerabilities in your digital assets, allowing you to take action before any damage is done. So, don't wait - sign up today and protect your website from potential threats!



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture