Request to Update "ACF PRO" Plugin due to Security Vulnerability

CIHRS · September 13, 2024, 10:33am

Dear ThemeCo Support Team,

I hope this message finds you well.

I would like to bring to your attention a critical security vulnerability identified in the “Advanced Custom Fields PRO” plugin. According to the following sources, this vulnerability can expose sites to authenticated stored cross-site scripting (XSS) attacks:

It is highly recommended to update the plugin to version 6.3.6 or later to mitigate this risk. Could you please ensure that the ACF plugin in the theme is updated accordingly to ensure the safety of users?

Thank you for your attention to this matter. I look forward to your response and the necessary updates.

Best regards,
Tarek

marc_a · September 13, 2024, 8:40pm

Hey Tarek,

Thanks for reaching out!

I’ve sent your request to our admin to ensure that we will have the latest version of ACF but we cannot give ETA.

rubin · September 16, 2024, 1:04pm

Hey There,

Version 6.3.6 is available via automatic updates. All the best!

CIHRS · September 16, 2024, 1:16pm

Thank you !

marc_a · September 17, 2024, 9:02am

Hey Cairo,

You’re most welcome!