Advanced Custom Fields Pro - All Versions & Changelog | Zeebrar
Advanced Custom Fields Pro Version History
10 versions available
2 Credits
per install
Subscribe to connect and install
v6.8.2
LatestVerified Safe
Released 7.0 MB
*Release Date 26th May 2026*
* Security - ACF frontend forms (`acf_form()`) now respect the `post_title` and `post_content` form configuration options when processing submissions, ensuring those values are only saved when the form is configured to accept them. Thanks to Sarawut Poolkhet (MisterHelloz) for the responsible disclosure.
* Security - ACF frontend forms (`acf_form()`) now only save values for fields assigned to the form via the `fields` or `field_groups` parameters, or via the form's location rules
Security - ACF now correctly checks user permissions before running database upgrades on a specific site in a multisite network
Added
A `wp.data` store (`acf/fields`) is now available in ACF PRO for reading and writing ACF field values from JavaScript, which can be enabled via a new `acf/settings/enable_datastore` filter (requires WordPress 6.7 or later).
ACF PRO block bindings now support live preview and editing in the block editor, when both the datastore and the `enable_block_bindings` setting are enabled.
ACF PRO can now save metabox field values via Gutenberg's native REST flow with full revision and autosave support when using the datastore.
v6.8.0.1
Verified Safe
Released 6.7 MB
Other
Release Date 31st March 2026*
PRO Only Release*
Fixed
V3 blocks with WYSIWYG fields no longer enqueue TinyMCE editor assets on the frontend
V3 blocks with identical attributes and different InnerBlocks content no longer return cached output from the first block on the frontend
ACF now integrates with the WordPress Abilities API, allowing external consumers (AI tools) to manage field groups, post types, and taxonomies when explicitly enabled via the `enable_acf_ai` feature flag
ACF can now generate JSON-LD structured data fields when explicitly enabled via the `enable_schema` feature flag
v6.7.2
Verified Safe
Released 6.5 MB
*Release Date 26th March 2026*
* Security - Users' `unfiltered_html` capability is now correctly applied to REST API calls
* Security - Block Preview rendering now correctly checks the user has permission to edit that post
* Security - Repeater fields using pagination now correctly checks the user has permissions to edit that post
* Security - Flexible content fields layout title AJAX requests now correctly verify security nonces
* Security - Clone field AJAX admin endpoints now correctly check ACF admin permissions for field group listings
*Release Date 3rd March 2026*
* Security - User field AJAX queries now enforce field-configured role restrictions and validate search permissions
* Security - Post Object, Relationship, and Page Link field AJAX queries now enforce field-configured restrictions for post status, post type, and taxonomy
Added a new `convert_field_name_to_lowercase` JS filter to allow uppercase letters in ACF field names
The form for V3 Blocks can now be optionally hidden from the sidebar via a new `hideFieldsInSidebar` setting in block.json
V3 Blocks now display an "Open Expanded Editor" button in the sidebar for easier access to the full edit form
Fixed
The buttons to reorder ACF metaboxes are no longer hidden for metaboxes in the block editor sidebar
V3 Blocks now display a fallback message when the block preview can't be rendered due to invalid HTML being used in field values
V3 Blocks no longer show a loading spinner when preloaded
v5.12.3
Released 2.6 MB
*Release Date 14th July 2022*
* Security Fix - Inputs for basic file uploads are now nonced to prevent an issue which could allow arbitrary file uploads to forms with ACF fields (Thanks to James Golovich from Pritect, Inc.)
ACF PRO Blocks can now define their field group inline via an `acf.fields` array in `block.json`, or via a `fields` argument in `acf_register_block_type()`, with field keys auto-generated and scoped to the block
Fixed
Repeater and Flexible Content row helpers no longer trigger a PHP 8.x `TypeError` when `row_index_offset` or the active loop index is non-numeric
V3 Blocks with `hideFieldsInSidebar` enabled no longer show fields in the sidebar after the inline toolbar popover is closed
Scrollbars no longer appear under the tabs in field groups containing many tabs
The `acf/delete-{taxonomy}` ability no longer returns a 501 error when called without an explicit `force` argument, as terms cannot be trashed
The `prepare_field_for_ability_import` filter is now correctly removed after each Abilities field group import, preventing subsequent imports in the same request from having values corrupted
ACF now includes WP-CLI support with new `wp acf json` commands for importing, exporting, syncing, and checking the status of ACF JSON files
ACF custom post Types now support the WordPress 6.9+ "Notes" editor feature via a new "Notes" checkbox in the Supports settings
The Blocks V3 "Open in Expanded Editor" button text can now be customized via a new `acf.expandedEditorButtonText` block.json property
A new `acf/blocks/default_expanded_editor_button_text` PHP filter allows customizing the default "Open in Expanded Editor" button text for all V3 blocks
The Blocks V3 edit and "Open in Expanded Editor" buttons can now be hidden via a new `acf.expandedEditorButtons` block.json property
A new `blocks/expanded_editor_overlay_class` JS filter allows customizing the CSS class on the Expanded Editor modal overlay
ACF Blocks V3 now preloads the block form HTML alongside the preview, eliminating an extra AJAX call on mount
ACF inline script tags now use `wp_print_inline_script_tag()` for Content Security Policy (CSP) compliance and nonce support
The Expanded Editor buttons are now hidden for V3 blocks that have no fields assigned
Fixed
Flexible Content fields now properly clean up nested postmeta when a parent layout containing nested Flexible Content fields is deleted
The Expanded Editor "Done" button now stays disabled until the AJAX save completes, preventing data loss
Pressing Escape while the Expanded Editor is saving will no longer close the modal, preventing data loss
InnerBlocks content containing backslashes or dollar signs now renders correctly
Auto Inline Editing now only applies to ACF Blocks V3, resolving incorrect hover/focus borders appearing on V2 blocks
Validation errors in the V3 Expanded Editor no longer cause a dead-end state
Icon Picker selections in Repeater fields no longer disappear
Range field number input now syncs to the slider and correctly updates V3 block previews
Message field Name and Instructions settings are no longer shown in the field group editor
Image field no longer crashes in WordPress 7.0 release candidates
Auto Inline Editing blocks now receive block context variables in render templates
V3 blocks registered via PHP now correctly show the "Open in Expanded Editor" button
Flexible Content disabled layouts now work correctly in Blocks V3
Auto Inline Editing now works with blocks using `renderCallback`