Advanced Custom Fields version 6.3.9 is now available.
👨💻 Please find the release notes below. And for the latest ACF news, follow us on Twitter @wp_acf.
Changelog
- Security – Editing an ACF Field in the Field Group editor can no longer execute a stored XSS vulnerability. Thanks to Duc Luong Tran (janlele91) from Viettel Cyber Security for the responsible disclosure
- Security – Post Type and Taxonomy metabox callbacks no longer have access to any superglobal values, hardening the original fix from 6.3.8 further
- Fix – ACF fields now correctly validate when used in the block editor and attached to the sidebar
For questions and help about this release, please contact our support team.
About the Author
Liam’s a veteran WordPress developer based in Bath, UK. He’s a fan of all things devops, gaming and coffee, but is still working on his espresso skills. Just don’t ask him to try latte art… the results are never good.
