This week's knowledge share is about a rare but serious security bug that can be found in any PHP application. Luckily it is easy to avoid, and WordPress has a built-in function that developers can utilize to help secure against it. In vulnerability news we'll cover three vulnerabilities, including one PHP Object Injection bug in the popular Advanced Custom Fields plugin.