ACF now automatically escapes unsafe HTML when rendered by the_field.

You’ve logged into your WordPress site, and you’re seeing a daunting message at the top of your WordPress admin:

“ACF PRO — ACF now automatically escapes unsafe HTML when rendered by the_field or the ACF shortcode. We’ve detected the output of some of your fields has been modified by this change, but this may not be a breaking change. Learn more. Show details.”

What does the error message mean?

The error message indicates that the Advanced Custom Fields (ACF) plugin has been updated to automatically escape unsafe HTML when using functions like the_field() or the ACF shortcode. This change may affect how HTML content is displayed on your website.

Why is this happening?

ACF implemented this change to enhance security by automatically escaping HTML content to prevent cross-site scripting (XSS) vulnerabilities.

How does this affect my website?

If your website relies on displaying HTML content without escaping it manually, you may notice changes in how certain elements or formatting appear on your site.

Will this break my website?

It may not necessarily break your website, but it could affect the appearance or functionality of certain elements, especially if they rely on specific HTML formatting that is now being escaped.

What should I do if I see this message?

Here are a few steps you can take:

• Review the affected fields: Check which fields are producing the error message and assess how they are being displayed on your website.
• Check for formatting issues: Look for any formatting inconsistencies or elements that are not displaying as expected.
• Update your code: If necessary, update your code to manually escape HTML where needed, using appropriate functions or methods depending on your development environment.
• Test your changes: After making any updates, thoroughly test your website to ensure that the changes haven’t introduced any unexpected issues or broken functionality.
• Consult the ACF documentation: ACF provides documentation on how to handle this change and offers guidance on best practices for displaying HTML content securely.

Where can I learn more?

You can learn more about this change and how to handle it by referring to the ACF documentation, community forums, or contacting ACF support directly for assistance.

What if I am not a WordPress guru and don’t want to deal with it?

Give us a call. At Studio Simpatico, we offer affordable maintenance WordPress services to give you peace of mind and take care of these types of updates.