GeekWire

WordPress Plugin Review: Advanced Custom Fields Pro

We use a number of WordPress plugins on GeekWire. One of the most useful ones we’ve found is Advanced Custom Fields (ACF), which enables easy input and output of custom fields. We use custom fields ...
IT World Canada

WordPress Advanced Custom Fields plugin vulnerable to reflected XSS attack

Following the discovery of CVE-2023-30777, a security flaw characterized by reflected cross-site scripting (XSS), users of the Advanced Custom Fields plugin for WordPress are advised to update to ...
GIGAZINE

WordPress forks popular WP Engine plugin 'Advanced Custom Fields' without permission, developer claims plugin was 'taken without consent'

On October 12, 2024 local time, Mullenweg announced that he would fork ACF into a new plugin called 'Secure Custom Fields.' Mullenweg cited the fact that ACF updates are now done directly from the WP ...
Searchenginejournal.com

ACF WordPress Plugin Vulnerability Affects Up To +2 Million Sites

Missing authorization vulnerability …allows a remote authenticated attacker to view the information on the database without the access permission. This kind of vulnerability allows an attacker to ...
Graham Cluley

WordPress plugin vulnerability puts two million websites at risk

A popular WordPress plugin could be putting around two million websites at risk of attack. Millions of WordPress-powered websites are using the Advanced Custom Fields and Advanced Custom Fields Pro ...
TechRadar

Hackers are attacking another serious WordPress security flaw - here's how to keep your site safe

Cybercriminals have been spotted abusing a known, high-severity vulnerability in a popular WordPress plugin, just a day after a proof-of-concept (PoC) exploit was published. Cybersecurity researchers ...