WordPress Advanced Custom Fields Extended Plugin Vulnerability

A vulnerability in an ACF addon plugin exposes up to 100,000 installations to a complete site takeover by unauthenticated ...
TechCrunch

In latest move against WP Engine, WordPress takes control of ACF plug-in

The dispute between WordPress founder Matt Mullenweg and hosting provider WP Engine continues, with Mullenweg announcing that WordPress is “forking” a plug-in developed by WP Engine. Specifically, ...
Bleeping Computer

WordPress custom field plugin bug exposes over 1M sites to XSS attacks

Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are vulnerable to cross-site scripting attacks (XSS). The two ...
GeekWire

WordPress Plugin Review: Advanced Custom Fields Pro

We use a number of WordPress plugins on GeekWire. One of the most useful ones we’ve found is Advanced Custom Fields (ACF), which enables easy input and output of custom fields. We use custom fields ...
Dark Reading

WP Engine Accuses WordPress of 'Forcibly' Taking Over Its Plug-in

Organizations using WordPress plug-in Advanced Custom Fields (ACF) are in the middle of an ugly and very public dispute between WP Engine (WPE), the maker of the plug-in, and Matt Mullenweg, the ...
GIGAZINE

WordPress forks popular WP Engine plugin 'Advanced Custom Fields' without permission, developer claims plugin was 'taken without consent'

On October 12, 2024 local time, Mullenweg announced that he would fork ACF into a new plugin called 'Secure Custom Fields.' Mullenweg cited the fact that ACF updates are now done directly from the WP ...