Hackers are attacking another serious WordPress security flaw – here’s how to keep your site safe

Cybercriminals have been spotted abusing a known, high-severity vulnerability in a popular WordPress plugin, just a day after a proof-of-concept (PoC) exploit was published.

Cybersecurity researchers from PatchStack discovered a cross-site script (XSS) vulnerability in Advanced Custom Fields, a popular plugin for the WordPress website builder (opens in new tab), with more than two million active installs. 

Leave a Reply

Your email address will not be published. Required fields are marked *