ACF plugin bug gives hackers admin on 50,000 WordPress sites

A critical-severity vulnerability in the Advanced Custom Fields: Extended (ACF Extended) plugin for WordPress can be ...

WordPress Advanced Custom Fields Extended Plugin Vulnerability

A vulnerability in an ACF addon plugin exposes up to 100,000 installations to a complete site takeover by unauthenticated ...
ITmedia

200万に影響 WordPressで人気のカスタムフィールドプラグインに重要な ...

この記事は会員限定です。会員登録すると全てご覧いただけます。 WordPressの人気プラグインである「Advanced Custom Fields」(ACF)に重大なセキュリティ脆弱(ぜいじゃく)性が存在するとPatchstackが報じた(脆弱性の発見者であるGMOサイバーセキュリティ byイエ ...
マイナビニュース

200万超のWordPressサイトが影響を受ける脆弱性に注意、機密情報窃取 ...

Patchstackは5月5日(現地時間)、「Reflected XSS in Advanced Custom Fields Plugins Affecting 2+ Million Sites」において、WordPressで人気のあるカスタムフィールドプラグインにクロスサイトスクリプティング(XSS: Cross-Site ...
GIGAZINE

WordPress forks popular WP Engine plugin 'Advanced Custom Fields' without permission ...

On October 12, 2024 local time, Mullenweg announced that he would fork ACF into a new plugin called 'Secure Custom Fields.' Mullenweg cited the fact that ACF updates are now done directly from the WP ...
The Verge

WordPress.org’s latest move involves taking control of a WP Engine plugin

WordPress co-founder Matt Mullenweg calls it “a rare and unusual situation” resulting from WP Engine’s legal moves. WordPress co-founder Matt Mullenweg calls it “a rare and unusual situation” ...
TechRadar

This WordPress plugin security flaw could put millions of websites at risk - find out if ...

A popular plugin for the Wordpress website builder with more than two million active installs carried a severe flaw which allowed threat actors to steal sensitive data from visitors and, in some cases ...