According to the vendor: βThis release contains a fix to a recently reported XSS vunerability [sic]. This report showed it was possible for a logged in author to save unfiltered HTML within a custom field value. This is something that should not be possible without the unfiltered_html capability.β
CPE | Name | Operator | Version |
---|---|---|---|
advanced-custom-fields | lt | 5.7.8 |