An urgent update is being called for sites using ACF WordPress. The popular Advanced Custom Fields (ACF) WordPress plugin recently released an update that addresses a serious security vulnerability. The new version, 6.2.5, closes a vulnerability that could allow contributors to insert malicious code. This update includes some changes to the way the ACF shortcode handles HTML elements, which could cause problems for some sites. See the detailed blog post about the bug https://www.advancedcustomfields.com/blog/acf-6-2-5-security-release/ you can reach from this address.

This important security update affects millions of users who manage their sites with WordPress and ACF. ACF plugin users are advised to upgrade to the latest version as soon as possible and review their site's compatibility with the new changes. In addition, a second security update, which will be extended to more ACF functionality in February 2024, version 6.2.7 is planned as

For WordPress users, regularly following and applying security updates is vital to protecting their site. Such updates can not only close existing security holes, but can also improve your site's performance and user experience.