Important Vulnerability on Advanced Custom Fields Plugin for WordPress

Today, we are thrilled to announce CloudLinux’s strategic investment in Seahawk, a leading provider of white-label, expert-led WordPress services. 

We are issuing this security advisory regarding a vulnerability discovered in the AI-Bolit component of Imunify products. A patch for this vulnerability was released on October 23, 2025, and has already been automatically deployed to the vast majority of servers.

 

 

The hosting industry never stands still. Every year, new technologies, fresh challenges, and unexpected opportunities change the way providers serve their customers. That’s exactly why we publish the Industry Year in Review report. It captures where we’ve been, where we’re going, and what it all means for the future of hosting.

Now, we’re teaming up with WebPros to make the 2026 edition better than ever, and we want your voice at the center of it.

We are pleased to announce the launch of the CloudLinux Network (CLN) API v2. This is a significant step forward in our mission to provide powerful, modern tools that help you automate license and server management, streamline your workflows, and integrate Imunify products directly into your environment.

If you run hosting infrastructure, you know security is non-stop. Attacks never sleep, malware is only getting smarter, and customers have little tolerance for downtime or compromise. At the same time, your team is stretched thin: support tickets pile up, and you’re asked to do more with less.

Here at Imunify, we're always monitoring web data at scale - and we've noticed a clear trend: legitimate AI bots, like those from Meta, Apple, OpenAI, and other reputable organizations, are increasingly behaving aggressively, excessively consuming server resources, and often ignoring instructions in files like robot.txt.

These sorts of issues caused by AI-powered bots can severely impact both website performance and resource efficiency.

To assist hosting providers and website owners in effectively managing these aggressive bots, we’ve created specialized ModSecurity rule sets designed to precisely and effectively block significant AI bot traffic for some of the most popular AI modules.

We have some extremely exciting news! The entire Imunify security suite, along with the CloudLinux Network (CLN), now includes full support for IPv6. This update ensures you can enjoy modern server infrastructure without limitations. And it’s all come about thanks to feedback from you: our customers.

If you run a hosting business, you know how tough security is. It can feel as though attacks become more sophisticated by the day, with bots launching brute-force attacks on login pages, malware sneaking in through outdated plugins and well-made phishing attempts aimed at your customers.

As many of you know, ConfigServer officially ceased all operations on August 31 2025, marking the end-of-life for its entire suite of products, including the widely-used ConfigServer Security & Firewall (CSF) service. So, what should you do next?

At CloudLinux, we are committed to ensuring our Imunify security suite stays ahead of the curve, providing you with comprehensive protection on the latest platforms.

Now, the Imunify product line now offers official, stable support for AlmaLinux 10.