Advanced Forms for ACF version 1.9.3.8 released

Version 1.9.3.8 is now live for both Advanced Forms and Advanced Forms Pro. This is a security release — we recommend updating as soon as you can.

What’s in this release

1.9.3.8 adds missing authorization and nonce checks to the form import handler, sanitises form titles and descriptions on output as an additional safeguard, and fixes a PHP warning that could appear when saving a form. The most important thing is simply to update — the free version updates through wordpress.org, and Pro licence holders can update from the Plugins screen or download the latest build from the downloads area of their Hookturn account.

Changelog

  • Security: Added missing authorization and nonce checks to the form import handler.
  • Security: Form titles and descriptions are now sanitised on output.
  • Fixed a PHP warning when saving a form.

Thanks to Jakub Herman and the Patchstack team for the responsible disclosure.

Phil Kurth

Web / Twitter

About the author

Phil Kurth is a web developer living in Melbourne, Australia. Phil has a long history of WordPress development and enjoys building tools to empower others in their web design/development practice.

When not working with the web, Phil is usually spending time with his two young sons or is out hiking through the Australian bush.

Posted by in Hookturn News & Releases tagged

Good dev stuff, delivered.

Product news, tips, and other cool things we make.

We never share your data. Read our Privacy Policy

Twitter Facebook GitHub

Explore more ACF resources at AwesomeACF.com

© 2016 – 2026 Hookturn Digital. All rights reserved.