IT World Canada

WordPress Advanced Custom Fields plugin vulnerable to reflected XSS attack

Following the discovery of CVE-2023-30777, a security flaw characterized by reflected cross-site scripting (XSS), users of the Advanced Custom Fields plugin for WordPress are advised to update to ...
GIGAZINE

WordPress forks popular WP Engine plugin 'Advanced Custom Fields' without permission, developer claims plugin was 'taken without consent'

On October 12, 2024 local time, Mullenweg announced that he would fork ACF into a new plugin called 'Secure Custom Fields.' Mullenweg cited the fact that ACF updates are now done directly from the WP ...
Searchenginejournal.com

ACF WordPress Plugin Vulnerability Affects Up To +2 Million Sites

Join Pat Reinhart, VP of Services & Thought Leadership at Conductor, and Shannon Vize, Sr. Content Marketing Manager at Conductor, for an exclusive first look at the 2026 AEO/GEO Benchmarks Report, ...
Searchenginejournal.com

ACF WordPress Plugin Vulnerability Affects Up To 2+ Million Sites

Advanced Custom Fields (ACF) WordPress plugin with over 2 million installations announced the release of a security update, version 6.2.5 that patches a vulnerability, the severity of which is not ...