Hackers are attacking another serious WordPress security flaw – here’s how to keep your site safe

Computers & IT

Cybercriminals have been spotted abusing a known, high-severity vulnerability in a popular WordPress plugin, just a day after a proof-of-concept (PoC) exploit was published.Cybersecurity researchers from PatchStack discovered a cross-site script (XSS) vulnerability in Advanced Custom Fields, a popular plugin for the WordPress website builder (opens in new tab), with more than two million active installs. The flaw, tracked as CVE-2023-30777, allowed threat actors to steal sensitive data from visitors and, in some cases, take over the website, entirely.Fast-moving crooksPatchStack

Read more