security vulnerability that was discovered in the Advanced Custom Fields plugin

We are writing to you today to notify you about a security vulnerability that was discovered in the Advanced Custom Fields plugin.

If you have already updated Advanced Custom Fields to version 5.10, you can disregard this message.

Some of the plugin’s functions do not make proper capability checks, which allows low privilege users (such as subscribers) to view ACF data, move fields, and view field groups.

This affects versions prior to 5.10. We recommend updating this plugin immediately to the latest version.

Related Post

Leave a Reply

Your email address will not be published. Required fields are marked *