ACF vulnerability || Version <= 6.1.5 is vulnerable to Cross Site Scripting (XSS)

WebMount · May 5, 2023, 1:10pm

Hi there,

Just in case an update is not in the spotlight at the moment. The request to update the bundled version of ACF to 6.1.6.

More about the vulnerability

Kind regards,
Chris

charlie · May 5, 2023, 1:29pm

Hello thanks for bringing this up. I’ve sent this to our admin to update. Have a great day.

bill_hodgson · May 6, 2023, 1:33pm

Please send out 6.1.6 ASAP which fixes this.

ruenel · May 7, 2023, 12:59am

Hello @bill_hodgson,

The plugin update will be available anytime soon.

Please bear with us. Thanks.

asherwunk · May 10, 2023, 1:01am

Same concern here, would really like an update? Please send out, been three days.

Jonson · May 10, 2023, 2:15am

Was just about to post a new thread when I saw this.
Wordfence is sending me automated emails listing the vulnerability from multiple all the websites I manage.
Please help!

Jonson · May 10, 2023, 2:28am

Update is pushed out! Thanx @ staff for your hard work

charlie · May 10, 2023, 3:01pm

We updated ACF to 6.1.6 yesterday, have a great day everybody!

system · May 20, 2023, 3:01pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.