Searchenginejournal.com

ACF WordPress Plugin Vulnerability Affects Up To +2 Million Sites

Missing authorization vulnerability …allows a remote authenticated attacker to view the information on the database without the access permission. This kind of vulnerability allows an attacker to ...
GIGAZINE

WordPress forks popular WP Engine plugin 'Advanced Custom Fields' without permission, developer claims plugin was 'taken without consent'

On October 12, 2024 local time, Mullenweg announced that he would fork ACF into a new plugin called 'Secure Custom Fields.' Mullenweg cited the fact that ACF updates are now done directly from the WP ...
The Verge

WordPress.org’s latest move involves taking control of a WP Engine plugin

WordPress co-founder Matt Mullenweg calls it “a rare and unusual situation” resulting from WP Engine’s legal moves. WordPress co-founder Matt Mullenweg calls it “a rare and unusual situation” ...
HotHardware

Alarming WordPress Plugin Security Flaw Leaves 2M Sites Vulnerable To Attack

A WordPress plugin with over 2 million active installations left its users open to an alarming security flaw. The popular Advanced Custom Fields (ACF) plugin by WP Engine allows WordPress admins to ...
The Verge

WordPress parent company must stop blocking WP Engine, judge rules

Automattic and its CEO Matt Mullenweg also have to quit interfering with WP Engine’s ACF plugin. Automattic and its CEO Matt Mullenweg also have to quit interfering with WP Engine’s ACF plugin. is a ...
Searchenginejournal.com

ACF WordPress Plugin Vulnerability Affects Up To 2+ Million Sites

Advanced Custom Fields (ACF) WordPress plugin with over 2 million installations announced the release of a security update, version 6.2.5 that patches a vulnerability, the severity of which is not ...