The ongoing WordPress industry war today – WordPress.org has pulled the popular WP Engine plugin off the platform.
Matt Mullenweg, CEO of Automattic and WordPress founder, has announced the removal of the Advanced Custom Fields (ACF) plugin from WP Engine due to security issues. Simultaneously, the WordPress team has forked or split this project into a plugin called Secure Custom Fields as a replacement for websites that have installed ACF, with a label indicating it’s a fork project.
Mullenweg cited Plugin Directory Guidelines 18, allowing problematic plugins to be removed immediately without developer consent. Should websites wish to continue using ACF, they must follow the steps outlined by WP Engine for updating through its own server. However, WordPress.org does not recommend this approach.
The ACF development team stated that in the 21-year history of WordPress, there has never been an incident of plugin seizure like this. They advise following WP Engine’s update instructions for now but claim this action breaches community agreements and sets new standards.
Source: WordPress.org
TLDR: WordPress.org removes the WP Engine plugin ACF due to security issues, leading to the creation of a new Secure Custom Fields plugin. ACF developers express concerns over this unprecedented action impacting the community’s agreements.
Leave a Comment