Skip to content

Advanced Custom Fields v6.2.7
Compare
Choose a tag to compare
@lgladdy lgladdy released this 27 Feb 14:31
· 23 commits to master since this release
6.2.7
4bc79c8

Release Date 27th February 2024

  • Security Fix - the_field now escapes potentially unsafe HTML as notified since ACF 6.2.5. For full information, please read the release blog post
  • Security Fix - Field and Layout names are now enforced to alphanumeric characters, resolving a potential XSS issue
  • Security Fix - The default render template for select2 fields no longer allows HTML to be rendered resolving a potential XSS issue
  • Security Enhancement - A acf/shortcode/prevent_access filter is now available to limit what data the ACF shortcode is allowed to access
  • Security Enhancement - i18n translated strings are now escaped on output
  • Enhancement - ACF now universally uses WordPress file system functions rather than native PHP functions
Assets 3
Loading