Is there a security vulnerability in Advanced Custom Fields related to the SCF fork?

It’s probably the issue mentioned in the changelog for 6.3.8 here. The developers were unable to release the patch on dot org themselves because Mullenweg had unilaterally revoked their access to the plugin repository because the plugin is owned by WP Engine. The issue has been patched in the version available directly from the developer, as you can see from the changelog.

The security issue used to justify the takeover of the plugin page only existed at that time because the developers were prevented from patching it themselves by the person who took it over. You can draw your own conclusions about what’s going on there.

Related Posts:

  1. Is it okay to use an ACF field to store a password for a protected area of a page?
  2. How to import CSV into Custom Post Type custom fields?
  3. ACF – get fields from group
  4. How to get “Additional CSS Class” for ACF Gutenberg block
  5. Advanced Custom Fields select field : How to echo the label, not the value? [closed]
  6. ACF: get_field() returning false [closed]
  7. How to get_terms() only of terms matching an ACF meta value?
  8. Query between dates using Date Picker fields
  9. Advanced custom field – gallery – display one random image
  10. Showing an ACF field in admin posts dashboard
  11. Google Places API With ACF [closed]
  12. Check for the existence of custom field
  13. ACF Repeater Field, need IF statement for if sub field has content
  14. Can not create fields in ACF with code
  15. Advanced Custom Fields – Check if multiple get_fields exist?
  16. ACF – Custom fields have dissappeared [closed]
  17. Error in Validate Field with ACF plugin in WordPress
  18. disable (read only) a field if within a custom post type name
  19. How to change the page title from functions.php
  20. Acf Pro repeater field returns null [closed]
  21. Insert Commas into ACF number field
  22. How I can check if get_theme_mod is in header or a template part
  23. Using pre_get_posts for meta value of LIKE comparison on ACF repeater sub field
  24. WP Rest endpoint with custom post type and ACF Fields
  25. Advanced custom fields: Customise date picker’s start date (need to choose year 1500 onwards) [closed]
  26. ACF Advanced Custom Fields | Help me grab the fields on my WooCommerce homepage [closed]
  27. My get_terms not working for custom fields
  28. Updating the database with advanced custom fields
  29. How to share repeated fields across multiple pages?
  30. ACF: replace comma with another sign [closed]
  31. Remove headings option from Wysiwyg editor from ACF in a certain custom post type
  32. Organize media library into folders and get folders via WP Rest API?
  33. ACF (Advanced Custom Fields) not updating post or postmeta values
  34. Remove YoastSEO meta description from output/source [closed]
  35. Advanced Custom Fields changes get stuck in cache
  36. WordPress Date with ACF
  37. ACF Multiple Checboxes Output
  38. Filter posts by advanced custom field
  39. Insert Content into Script with Advanced Custom Fields
  40. Migrating data from ACF to WordPress custom meta boxes
  41. Check for image with same filename but different extension
  42. ACF: Querying relationship fields with Author
  43. How to get both image attachment ID and url
  44. Function wp_enqueue_style was called incorrectly
  45. how make file upload field through custom field
  46. ACF Clone Field – Set Default Value
  47. ACF save json to custom directory not working, default acf-json used instead
  48. ACF URL behavior, duplicating links
  49. Advanced Custom Fields oembed only outputs YouTube URL
  50. Do comparision after updates hooks of acf-fields?
  51. Importing ACF code in other page templates
  52. ACF Content with WPML not saving [closed]
  53. Order get_terms by multiple meta_values
  54. How do you display a custom field on a new page? [closed]
  55. Hash password field to database, unhash in admin?
  56. Pulling in content from another page [closed]
  57. Advanced Custom Fields – Check multiple Empty Fields [closed]
  58. Simple Calendar
  59. How to only show ACF field if another block is being used?
  60. ACF Select Field can’t return Array
  61. Advanced Custom Field Textarea not Showing (ListingPro Theme)
  62. Using the WP CLI to output the HTML results of calling a post?
  63. Image is displaying with the url of the image as well
  64. How to add a custom field for image in “Text and Full Image(text right)” layout?
  65. Trying to add ACF to authors meta and adding a class at the same time
  66. Fill up advanced custom field of a custom post type via API REST POST
  67. Two problems that are likely related to AJAX
  68. Fancybox3 ACF repeater. URL strip out from the caption field
  69. Get values from an advanced custom field
  70. ACF Map with custom styles field
  71. Front End User Registration – How to Save ACF Values?
  72. Which is faster: Loading images from the repo, or loading them using ACF Image Content via Media Library
  73. ACF don’t save the selected value
  74. help with really simple csv importer
  75. Advanced Custom Fields Gallery and Flex Slider [reformuled]
  76. WordPress API response filter by ACF value
  77. ACF Pro Date Picker not coming through on Loop
  78. ACF not updating value correctly
  79. ACF Repeater and Sort
  80. How to display dropdown filters for posts
  81. Creating a page from acf fields
  82. Use an image’s url as argument in update_field function
  83. Add a mailto button next to custom field download link
  84. Pin to Top Functionality using orderby custom field then event date
  85. Update the value of every page’s content editor with the value of an Advanced Custom Field on that page
  86. WordPress loop based on url sting
  87. Array sorting by custom field date
  88. Advanced Custom Fields repeter field expiration
  89. Conditional Custom field with foreach
  90. Post Image alt text not appearing in WordPress website
  91. meta_query for an ACF checkbox field don’t works correctly
  92. Use Advance Custom Fields to fill text widget [closed]
  93. ACF gallery & bootstrap colls and rows [closed]
  94. Custom headings on WYSIWYGs per flexible content module in ACF
  95. Get ACF time in His format
  96. How to get posts in backbone where a custom field matches a value?
  97. Using have_rows() with nested acf fields [closed]
  98. WordPress API V2 – filter and order by ACF field
  99. Adding a custom field of code to a squeeze page
  100. Array_splice index problem in ACF Flexible Content
tech