BleepingComputer WordPress custom field plugin bug exposes over 1M sites to XSS attacks

[BleepingComputer]

WordPress custom field plugin bug exposes over 1M sites to XSS attacks


Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are vulnerable to cross-site scripting attacks (XSS). [...]


https://www.bleepingcomputer.com/news/se...s-attacks/