Advanced Custom Fields version 6.7.1 is now available.
This release contains several security fixes for ACF and ACF PRO, with fixes to the User, Post Object, Page Link, and Relationship fields. Since this is a security release, we’ve also released ACF PRO 6.8.0-beta3, which includes these fixes in the beta branch.
We recommend that all users of ACF and ACF PRO update as soon as possible.
Wrap Up
👨💻 Please find the release notes below. And for the latest ACF news, follow us on Twitter @wp_acf.
We take the security of ACF extremely seriously and are always working on protecting our users. If you have discovered a vulnerability in the code or have a security issue, please see our Security page for more information.
Changelog
- Security – User field AJAX queries now enforce field-configured role restrictions and validate search permissions
- Security – Post Object, Relationship, and Page Link field AJAX queries now enforce field-configured restrictions for post status, post type, and taxonomy
For questions and help about this release, please contact our support team.
