Important Vulnerability on Advanced Custom Fields Plugin for WordPress

Here at Imunify, we're always monitoring web data at scale - and we've noticed a clear trend: legitimate AI bots, like those from Meta, Apple, OpenAI, and other reputable organizations, are increasingly behaving aggressively, excessively consuming server resources, and often ignoring instructions in files like robot.txt.

These sorts of issues caused by AI-powered bots can severely impact both website performance and resource efficiency.

To assist hosting providers and website owners in effectively managing these aggressive bots, we’ve created specialized ModSecurity rule sets designed to precisely and effectively block significant AI bot traffic for some of the most popular AI modules.

A serious new vulnerability was identified in the popular Java logging library log4j v2. It received  ID CVE-2021-44228 - Apache Log4j2 Remote Code Execution. CVSS score 10.0.