Skip to content

Advanced Custom Fields v6.2.5
Compare
Choose a tag to compare
@lgladdy lgladdy released this 16 Jan 14:39
· 29 commits to master since this release
6.2.5
56687f0

Release Date 16th January 2024

  • Security Fix - The ACF shortcode will now run all output through wp_kses, escaping unsafe HTML. This may be a breaking change to your site but is required for security, a message will be shown in WordPress admin if you are affected. Please see the blog post for this release for more information. Thanks to Francesco Carlucci via Wordfence for the responsible disclosure
  • Security - ACF now warns via an admin message, when upcoming changes to the_field and the_sub_field may require theme changes to your site to avoid stripping unsafe HTML. Please see the blog post for this release for more information
  • Security - Users may opt in to automatically escaping unsafe HTML via a new filter acf/the_field/escape_html_optin when using the_field and the_sub_field before this becomes default in an upcoming ACF release.
Assets 3
Loading