advanced-custom-fields version 6.3.12 has vulnerability(s)

**alevchenko** · 02-11-2025, 11:04 AM

Hi Paul,

Please mind that ImunifyAV collects information about vulnerable/outdated software with the help of third-party providers, in this case, Patchstack, the emails are then sent for informational purposes to customers in order to prevent possible infections by taking the recommended actions.

I see we had another report regarding PATCHSTACK:BD9D311515BB184495B0975518D5B4E0 which was reported to our developers.

According to them, this was an incorrect date from vulners: https://vulners.com/patchstack/PATCHSTACK:BD9D311515BB184495B0975518D5B4E0
Currently, we removed this record from our service, suppressing this notification.

Please let us know if notifications are still delivered to you.

**paul** · 02-12-2025, 12:11 AM

Originally posted by alevchenko

Hi Paul,

Please mind that ImunifyAV collects information about vulnerable/outdated software with the help of third-party providers, in this case, Patchstack, the emails are then sent for informational purposes to customers in order to prevent possible infections by taking the recommended actions.

I see we had another report regarding PATCHSTACK:BD9D311515BB184495B0975518D5B4E0 which was reported to our developers.

According to them, this was an incorrect date from vulners: https://vulners.com/patchstack/PATCHSTACK:BD9D311515BB184495B0975518D5B4E0
Currently, we removed this record from our service, suppressing this notification.

Please let us know if notifications are still delivered to you.

Thanks for your reply, unfortunately notifications are still being sent as of today.

**paul** · 02-13-2025, 12:18 PM

OK, I just got this today ....

Dear Administrator,

This message is to provide you important information regarding web server security. Please note that the following software in your environment is considered to be outdated or vulnerable:

advanced-custom-fields version 6.3.12 that is located at /home/xxx0/public_html has vulnerability(s):
- PATCHSTACK:BD9D311515BB184495B0975518D5B4E0
advanced-custom-fields version 6.3.12 that is located at /home/xxx1/public_html has vulnerability(s):
- PATCHSTACK:BD9D311515BB184495B0975518D5B4E0
advanced-custom-fields version 6.3.12 that is located at /home/xxx2/public_html has vulnerability(s):
- PATCHSTACK:BD9D311515BB184495B0975518D5B4E0
better-font-awesome version 2.0.4 that is located at /home/xxxx3/public_html has vulnerability(s):
- PATCHSTACK214DC9DB7704421BD0A514BE0AE4E29

All the Patchstack ID's are wrong, wrong version, wrong plugin.

Do i need to put in a support request as I can't trust the data it is sending and it is misleading?

**paul** · 02-13-2025, 12:28 PM

Originally posted by paul

OK, I just got this today ....

All the Patchstack ID's are wrong, wrong version, wrong plugin.

Do i need to put in a support request as I can't trust the data it is sending and it is misleading?

eg

better-font-awesome https://wordpress.org/plugins/better-font-awesome/ version 2.0.4 is installed

However the report says PATCHSTACK

214DC9DB7704421BD0A514BE0AE4E29 which is for https://wordpress.org/plugins/font-awesome/ 4.0.0-RC15 - 4.0.0-RC16 (11 Mar 2020)
https://wordpress.org/plugins/better-font-awesome/, a totally different plugin

**alevchenko** · 02-14-2025, 11:59 AM

Hi Paul,

Please submit a ticket to our Support Team so that our Engineers can better assist you with this case: https://cloudlinux.zendesk.com/agent/
If the situation requires our developers' involvement, our team will assist you more efficiently via the ticket.

We'll monitor the case and post the outcome in this thread for further reference by other forum visitors.

advanced-custom-fields version 6.3.12 has vulnerability(s)

advanced-custom-fields version 6.3.12 has vulnerability(s)

Comment

Comment

Comment

Comment

Comment