Critical security vulnerabilities in a WordPress plugin used on around 900,000 websites, allow malicious hackers to steal sensitive information entered on forms.
Read more in my article on the Hot for Security blog.
Category: plugin
Millions of WordPress-powered websites are using the Advanced Custom Fields and Advanced Custom Fields Pro plugins, which security researchers say have been vulnerable to cross-site scripting (XSS) attacks.
A critical vulnerability in a WordPress plugin used on over one million websites has been patched, after evidence emerged that malicious hackers were actively exploited in the wild.