Unauthenticated Sensitive Information Disclosure vulnerability discovered by Mariusz Poplawski in WordPress ACF to REST API plugin (versions <= 3.2.0).
Update the WordPress ACF to REST API plugin to the latest available version (at least 3.3.0).