News

GIGAZINE11mon

WordPress forks popular WP Engine plugin 'Advanced Custom Fields' without permission, developer claims plugin was 'taken without consent'

On October 12, 2024 local time, Mullenweg announced that he would fork ACF into a new plugin called 'Secure Custom Fields.' Mullenweg cited the fact that ACF updates are now done directly from the WP ...
IT World Canada2y

WordPress Advanced Custom Fields plugin vulnerable to reflected XSS attack

Following the discovery of CVE-2023-30777, a security flaw characterized by reflected cross-site scripting (XSS), users of the Advanced Custom Fields plugin for WordPress are advised to update to ...
HotHardware2y

Alarming WordPress Plugin Security Flaw Leaves 2M Sites Vulnerable To Attack

A WordPress plugin with over 2 million active installations left its users open to an alarming security flaw. The popular Advanced Custom Fields (ACF) plugin by WP Engine allows WordPress admins to ...
TechRadar2y

Hackers are attacking another serious WordPress security flaw - here's how to keep your site safe

Cybercriminals have been spotted abusing a known, high-severity vulnerability in a popular WordPress plugin, just a day after a proof-of-concept (PoC) exploit was published. Cybersecurity researchers ...