TechCrunch

In latest move against WP Engine, WordPress takes control of ACF plug-in

The dispute between WordPress founder Matt Mullenweg and hosting provider WP Engine continues, with Mullenweg announcing that WordPress is “forking” a plug-in developed by WP Engine. Specifically, ...
Searchenginejournal.com

ACF WordPress Plugin Vulnerability Affects Up To 2+ Million Sites

Advanced Custom Fields (ACF) WordPress plugin with over 2 million installations announced the release of a security update, version 6.2.5 that patches a vulnerability, the severity of which is not ...
Dark Reading

WP Engine Accuses WordPress of 'Forcibly' Taking Over Its Plug-in

Organizations using WordPress plug-in Advanced Custom Fields (ACF) are in the middle of an ugly and very public dispute between WP Engine (WPE), the maker of the plug-in, and Matt Mullenweg, the ...
Searchenginejournal.com

WordPress Site Builder Addon Allegedly Adds “Backdoor” To Disable Websites

A widely used add-on plugin for a popular WordPress site builder installed an anti-piracy script that essentially unpublishes all posts. WordPress developers are livid, with some calling the script a ...
Dark Reading

Backdoor Lurks Behind WordPress Caching Plug-in to Hijack Websites

Sophisticated malware capable of creating an administration account for a website is lurking behind an authentic-looking WordPress caching plug-in, giving threat actors a way to completely hijack ...
heise online

Wordpress: WPForms plug-in tears security hole in 6 million websites

Attackers can abuse a loophole in the Wordpress plug-in WPForms to reverse payments, for example. Six million websites use the plug-in. The Wordpress plug-in WPForms is one of the most popular ...
PC World

50,000 sites hacked through WordPress plug-in vulnerability

A critical vulnerability found recently in a popular newsletter plug-in for WordPress is actively being targeted by hackers and was used to compromise an estimated 50,000 sites so far. The security ...