We use custom fields extensively, and I can’t imagine our WordPress development workflow without this plugin. It has literally saved us hundreds of hours of tedious work.

Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are vulnerable to cross-site scripting attacks (XSS).

Specifically, Advanced Custom Fields — a plug-in making it easier for WordPress users to customize their edit screens — is being taken out of WP Engine’s hands and updated as a new plug-in ...