I’m interested in finally setting this as a best practice internally: creating my own custom fields or just using ACF plugin every time.
The only good defense for not using ACF is that there might be more security risks with it.
I had a site hacked that was using only ACF, but here’s the thing, it was my fault because stupid me wasn’t sanitizing a frontend form (fields made from ACF).
Assuming I don’t continue being stupid, should using ACF be safe longterm on these sites? I know I can auto-update plugins, but even if I don’t would it be safe keeping earlier versions of ACF? 10.0.0.0.1
issue got solved!!
