Releases: WordPress/secure-custom-fields
6.8.4
Release Date 30th April 2026
Features
- Backports 6.8.0 and 6.8.0.1 feature work into SCF.
- AI integration: SCF now integrates with the WordPress Abilities API, allowing external consumers, including AI tools, to manage field groups, post types, and taxonomies when explicitly enabled via the feature flag.
- Structured data: SCF can now generate JSON-LD structured data fields when explicitly enabled via the feature flag.
- WP-CLI: Added and backward-compatible commands for importing, exporting, syncing, and checking the status of SCF JSON files.
- Post types: SCF custom post types now support the WordPress 6.9+ Notes editor feature via a new Notes checkbox in the Supports settings.
- JSON Schemas: Added v1 schemas for supported field types and updated field group, post type, and taxonomy schemas.
Enhancements
- Blocks V3: The Open in Expanded Editor button text can now be customized via a new block.json property.
- Blocks V3: Added a PHP filter to customize the default Open in Expanded Editor button text.
- Blocks V3: The edit and Open in Expanded Editor buttons can now be hidden via a new block.json property.
- Blocks V3: Added a JavaScript filter for customizing the Expanded Editor modal overlay class.
- Blocks V3: The block form HTML is now preloaded alongside the preview, eliminating an extra AJAX call on mount.
- Blocks V3: Expanded Editor buttons are now hidden for V3 blocks that have no fields assigned.
- SCF inline script tags now use for Content Security Policy (CSP) compliance and nonce support.
Fixes
- V3 blocks with WYSIWYG fields no longer enqueue TinyMCE editor assets on the frontend.
- V3 blocks with identical attributes and different InnerBlocks content no longer return cached output from the first block on the frontend.
- Flexible Content fields now properly clean up nested postmeta when a parent layout containing nested Flexible Content fields is deleted.
- The Expanded Editor Done button now stays disabled until the AJAX save completes, preventing data loss.
- Pressing Escape while the Expanded Editor is saving will no longer close the modal, preventing data loss.
- InnerBlocks content containing backslashes or dollar signs now renders correctly.
- Auto Inline Editing now only applies to SCF Blocks V3, resolving incorrect hover/focus borders appearing on V2 blocks.
- Auto Inline Editing blocks now receive block context variables in render templates.
- Auto Inline Editing now works with blocks using .
- Validation errors in the V3 Expanded Editor no longer cause a dead-end state.
- Icon Picker selections in Repeater fields no longer disappear.
- Range field number input now syncs to the slider and correctly updates V3 block previews.
- Message field Name and Instructions settings are no longer shown in the field group editor.
- Image field no longer crashes in WordPress 7.0 release candidates.
- V3 blocks registered via PHP now correctly show the Open in Expanded Editor button.
- Flexible Content disabled layouts now work correctly in Blocks V3.
6.8.3
Release Date 22nd April 2026
Fixes
- Fix command palette type error on wp-admin.
- Plugins requiring ACF are also validated for SCF.
- REST API calls now honor the user's capability.
- Block Preview rendering now verifies the user can edit the target post.
- Paginated Repeater fields now verify the user can edit the target post.
- Flexible Content layout title AJAX requests now validate a security nonce.
- Clone field AJAX endpoints now enforce SCF admin permissions on field group listings.
6.8.2
Release Date 24th March 2026
Fixes
- AJAX Handlers: Prefix field-specific nonces to resolve an issue where third-party nonces could be treated as valid for AJAX calls.
- Block Preview: Verify that user has access to post specified via block context.
- Repeater Field: Verify that user has access to specified post.
- REST API: Apply KSES sanitization to field content saved by users without unfiltered_html capabilities.
- REST API: Respect show_in_rest setting for field groups in /types endpoint.
6.8.1
Release Date 11th March 2026
Backports from 6.7.1
- Security - User field AJAX queries now enforce field-configured role restrictions and validate search permissions.
- Security - Post Object, Relationship, and Page Link field AJAX queries now enforce field-configured restrictions for post status, post type, and taxonomy.
- Site Health - Track blocks using auto inline editing.
6.8.0
Release Date 30 Dec 2025
Features
- Abilities integration: added field abilities for Field Groups and individual Fields.
- Abilities integration: added trash/untrash abilities for internal post types.
- All backports up to 6.7.0.2.
- JSON Schemas: Added all field schemas.
- WooCommerce HPOS: Added support for custom fields on any WooCommerce Order Types.
- Added PHPUnit tests.
Fixes
- Hide duplicated Command Palette Commands on WP 6.9+.
- Fix field schema validation for WP Rest API.
- Fix checkbox toggle functionality.
6.7.1
Release Date 10 Dec 2025
Features
- JSON Schemas: Added Options Pages schema.
Fixes
- Fixed too-early validation of schemas causing a fatal error.
- Fix block validation on WordPress 6.2.
6.7.0
Release Date 3 Dec 2025
Features
- Tested compatibility up to WordPress 6.9.
- Abilities support. Taxonomy abilities.
- JSON schemas. Taxonomy schema.
6.6.0
Release Date 19 Nov 2025
Features
- Backported features up to 6.6.0.
- Abilities API integration. Post Type abilities.
- JSON schemas validation infrastructure.
Fixes
- Fixed Function in network.php
- SCF label in "More" menu.
- Get the formatted_value from the original field value.
- Blocks V3: Fix flexible content not working in sidebar - modal.
- Use specific entity prefixes for key generation when duplicating entities.
6.5.7
Release Date 28 Aug 2025
Features
- Flexible Content layouts can now be renamed in the post editor, giving content editors better clarity when managing layouts.
- Flexible Content layouts can now be disabled, preventing them from rendering on the frontend without needing to delete their data.
- Flexible Content layouts can now be collapsed and expanded in bulk for faster content editing.
- Editing a Flexible Content layout now highlights the layout being edited, making it easier to identify.
- The Date and Date Time Picker fields can now be configured to default to the current date.
- Custom Icon Picker tabs now work correctly when used inside an ACF Block.
- Duplicating a Field Group no longer causes a fatal error when using Russian translations.
- ACF classes no longer use dynamic class properties, improving compatibility with PHP 8.2+.
- Field group metabox collapse and expand buttons are no longer misaligned in the post editor.
- HTML is now escaped from field validation errors and tooltips.
- Added a new source parameter to the /wp/v2/types REST API endpoint that allows filtering post types by their origin: core (WordPress built-in), scf (for SCF managed types), or other for the rest of CPTs.
Security
- Unsafe HTML in field group labels is now correctly escaped for conditionally loaded field groups, resolving a JS execution vulnerability in the classic editor.
- HTML is now escaped from field group labels when output in the ACF admin.
- Bidirectional and Conditional Logic Select2 elements no longer render HTML in field labels or post titles.
- The acf.escHtml function now uses the third party DOMPurify library to ensure all unsafe HTML is removed. A new esc_html_dompurify_config JS filter can be used to modify the default behaviour.
- Post titles are now correctly escaped whenever they are output by ACF code. Thanks to Shogo Kumamaru of LAC Co., Ltd. for the responsible disclosure.
- An admin notice is now displayed when version 3 of the Select2 library is used, as it has now been deprecated in favor of version 4.
6.5.6
Warning
Release discarded due to SVN errors.