WPLift is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission.

Weekly WordPress News and Updates: Patch Now! ACF WordPress Plugin Vulnerability Affects Millions of Sites

Last Updated on January 19th, 2024


ACF WordPress Plugin Vulnerability

A security update for the popular Advanced Custom Fields (ACF) WordPress plugin has been released, version 6.2.5, that fixes a vulnerability that could allow users with contributor roles to insert malicious code. The update also introduces some changes that may break some sites using the ACF shortcode for rendering complex HTML elements. A second security update, version 6.2.7, is scheduled for February 2024, which will extend the security measures to more ACF functions. Users of the ACF plugin are advised to update to the latest version and review their site’s compatibility with the changes.

Happy WordPressing 🚀

// Team WPLift



A team of WordPress experts that love to test out new WordPress related software, WordPress plugins and WordPress themes.