Important Vulnerability on Advanced Custom Fields Plugin for WordPress

Imunify360 has a robust set of mitigation that acts proactively against advanced attacks, and its layer works either on L7 (http request) against known vulnerabilities and also at runtime by our innovative Proactive defense module, and behind the scenes, there's a team of malware experts researching 24x7 and figuring out in-depth the malware behavior.

In today's digital era, cyberattacks have become a harsh reality, threatening the security of businesses and individuals alike. A new type of attack has emerged, known as a "web skimmer," which targets explicitly e-commerce websites, aiming to steal personal information and credit card data. The cunning use of legitimate websites as "command-and-control" servers sets this attack apart from its predecessors, enabling hackers to discreetly distribute malicious code while concealing their activities. The repercussions of such an attack are far-reaching, potentially compromising the sensitive data of thousands of unsuspecting website visitors. However, there is a solution that can provide an effective shield against these web skimmers: Imunify360.

False positives from your monitoring applications can cause undue stress and unnecessary overhead for administrators if they do not have the security knowledge to identify them. If monitoring software reports inaccurate information, administrators unfamiliar with cybersecurity could make changes based on the application’s false positives that could harm the security and stability of the environment. 

The WordPress content management system or (CMS) is one of the most popular web applications on the market. It’s estimated that WordPress powers almost 43% of the internet, up from 30% just a few years ago. The foundation for the content management system’s success is its convenience, simple installation, and vast theme and plugin community. WordPress can be used by someone who has very little knowledge of the ways a web application functions, but it comes at the expense of security. The article covers the following topics:

Server security is a top concern for hosting providers, and finding ways to enhance it while also generating revenue can be a challenge. However, with the launch of MyImunify, a revolutionary addition to the Imunify security suite, hosting companies now have the opportunity to transform server security into a lucrative revenue stream and take their security game to the next level.

We are thrilled to announce that the Imunify Security team from CloudLinux will be attending CloudFest USA 2023 from May 31st to June 3rd in Austin, TX, USA. As the proud Gold Sponsor of this event, we're gearing up to connect with you and showcase our innovative solutions that keep the cloud safe and secure.

The recent cyber attack found by Patchstack researcher Rafie Muhammad on the "Advanced Custom Fields" plugin for WordPress is a stark reminder of how vulnerable websites can be to hackers. In this case, over two million users were at risk of cyberattacks due to a vulnerability (a flaw, tracked as CVE-2023-30777) that allowed miscreants to inject malicious code into webpages and potentially hijack administrative accounts.

We’re pleased to announce a new beta version of the Imunify360 Firewall module. Version 7.1 is now available!

With Apple’s recent release of a security update for the iPhone, iPad, and Mac, it brings attention to the critical importance of regular software updates. We’re going to explore the significance of staying up-to-date with the latest security patches and highlight the efforts of Imunify360 in enhancing their update process to deliver faster and safer protection for servers.

We’re pleased to announce a new beta version of Imunify360. Version 7.0 is now available!