hi!
My hosting provider say:
Massive SQL injection flaw in the advanced-custom-fields plugin.
$_POST[‘acf_posts’] can be used to run arbitrary DB commands which usually results in full site compromise.
how can I fix it?
Thankyou!
Tommy.
Hi @nhatrangart
Did your hosting provider mention which file this variable is an issue from?
Also, what version of ACF are you using?
Thanks
E