We use a number of WordPress plugins on GeekWire. One of the most useful ones we’ve found is Advanced Custom Fields (ACF), which enables easy input and output of custom fields. We use custom fields ...

An advisory was published about a vulnerability in the popular Advanced Custom Fields: Extended WordPress plugin that is rated 9.8, affecting up to 100,000 installations. The flaw enables ...

A popular WordPress plugin could be putting around two million websites at risk of attack. Millions of WordPress-powered websites are using the Advanced Custom Fields and Advanced Custom Fields Pro ...

On October 12, 2024 local time, Mullenweg announced that he would fork ACF into a new plugin called 'Secure Custom Fields.' Mullenweg cited the fact that ACF updates are now done directly from the WP ...

Missing authorization vulnerability …allows a remote authenticated attacker to view the information on the database without the access permission. This kind of vulnerability allows an attacker to ...

Organizations using WordPress plug-in Advanced Custom Fields (ACF) are in the middle of an ugly and very public dispute between WP Engine (WPE), the maker of the plug-in, and Matt Mullenweg, the ...

Here's how to stay safe ...

A flaw in two WordPress custom plug-ins leaves users vulnerable to cross-site scripting attacks (XSS), according to a recent report. The flaw, called CVE-2023-30777 was discovered on May 2 and was ...

WordPress co-founder Matt Mullenweg calls it “a rare and unusual situation” resulting from WP Engine’s legal moves. WordPress co-founder Matt Mullenweg calls it “a rare and unusual situation” ...

Hackers are actively exploiting a recently fixed vulnerability in the WordPress Advanced Custom Fields plugin roughly 24 hours after a proof-of-concept (PoC) exploit was made public. The vulnerability ...