Important Vulnerability on Advanced Custom Fields Plugin for WordPress

The WordPress content management system or (CMS) is one of the most popular web applications on the market. It’s estimated that WordPress powers almost 43% of the internet, up from 30% just a few years ago. The foundation for the content management system’s success is its convenience, simple installation, and vast theme and plugin community. WordPress can be used by someone who has very little knowledge of the ways a web application functions, but it comes at the expense of security. The article covers the following topics:

The recent cyber attack found by Patchstack researcher Rafie Muhammad on the "Advanced Custom Fields" plugin for WordPress is a stark reminder of how vulnerable websites can be to hackers. In this case, over two million users were at risk of cyberattacks due to a vulnerability (a flaw, tracked as CVE-2023-30777) that allowed miscreants to inject malicious code into webpages and potentially hijack administrative accounts.

With Apple’s recent release of a security update for the iPhone, iPad, and Mac, it brings attention to the critical importance of regular software updates. We’re going to explore the significance of staying up-to-date with the latest security patches and highlight the efforts of Imunify360 in enhancing their update process to deliver faster and safer protection for servers.

Welcome to the video recording of our interactive webinar on server security. CloudLinux Technical Account Manager Eric Ellis and Hivelocity Sr System Admin Eric Lewellen provide an overview of common server security ideas and engage in a lively debate about which ones matter and which ones don't.

Companies are increasingly at risk for security breaches in 2023. We’ve seen hacks at some of the biggest companies recently – LastPast, and GoDaddy (to name a few). Join CloudLinux Technical Account Manager Eric Ellis and Hivelocity System Admin Eric Lewellen for an overview and some lively debate about some of the most common server security ideas – which ones matter and which ones don’t.

In December 2022, hackers broke into the FBI’s 80,000-member Infragard database posing as the CEO of a financial institution. InfraGard is an outreach program that keeps public officials and private sector actors informed of national security and cybersecurity threats that could impact critical US infrastructure. 

Once inside the database, the hacker communicated directly with members in an attempt to gain personal information. Although the FBI hasn’t offered specifics on how the hacker was able to manipulate the system, we do know they had some key pieces of personal information for the person they were impersonating.

We’re wrapping up Cybersecurity Awareness Month with a webinar that’ll cover key tips to protect your servers from cyber attacks. Just in time for Halloween, we’ll dive deep into the online threats that lurk in the dark – and show you how to protect yourself from the dangers you can’t see.

An insider’s point of view is always valuable. Arianna Della Valle shared her perspective on server security with our own Eric Ellis in our webinar “Imunify360 Cybersecurity Awareness Month: Spotlight on Netsons” – now available on demand by clicking here.

To celebrate Cybersecurity Awareness month in October, we planned a special webinar to cover everything you need to know about how to protect your servers against unknown threats, specific types of attacks you may not know about, and why it matters more now than ever.

Join us on Tuesday, October 18 at 11 am EST / 5:00 pm GMT+2  for a conversation with Arianna Della Valle about her server security journey with hosting company Netsons. She’ll share the challenges Netsons faced, why change was critical, and how she’s been able to increase both productivity and profits.

Is your server security bullet proof? Could you benefit from a fully automated system that prevents malware and mitigates cyber attacks?

Join hosting security guru Eric Ellis this Friday at 1 pm EST to hear how others are using Imunify360 to secure their servers so they can focus on scaling their business.