Home Forums Feedback acf_form security documentation Reply To: acf_form security documentation

  • Just adding to what David has posted. The problem is specifically with fields that store values as arrays that get killed. The reason this happens is that wp_kses_post() expects a string input and returns a string as output.

    The fields that can cause problems are

    • checkbox
    • multi select
    • Any field that allows the selection of multiple values, like a relationship field, a post object field set to allow multiple, a taxonomy field set to allow multiple, etc.

    I’ve been looking and It does not appear that there’s anything that will work on arrays.