WP-Safety

Post Type Field for ACF Security & Risk Analysis

wordpress.org/plugins/post-type-field-acf

Post Type Field for ACF plugin introduces a new "Post Type" field for use within the Advanced Custom Fields (ACF) plugin.

0 active installs v1.1 PHP 7.4+ WP 5.0+ Updated Apr 29, 2025
acf-field-type-post-typepost-typepost-type-field
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Post Type Field for ACF Safe to Use in 2026?

Generally Safe

Score 100/100

Post Type Field for ACF has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago
Risk Assessment

The "post-type-field-acf" plugin v1.1 exhibits a seemingly strong security posture based on the provided static analysis and vulnerability history. The absence of any reported CVEs, critical taint flows, dangerous functions, or file operations is highly encouraging. Furthermore, the plugin demonstrates good practice by using prepared statements for all SQL queries. However, a significant concern arises from the output escaping analysis, where only 50% of the outputs are properly escaped. This indicates a potential risk for Cross-Site Scripting (XSS) vulnerabilities, as unsanitized data could be rendered directly in the browser. The plugin also lacks nonce checks and capability checks, which, while not immediately leading to a deduction given the current attack surface, represent missed opportunities for robust security layering.

Key Concerns

  • Half of outputs are not properly escaped
Vulnerabilities
None known

Post Type Field for ACF Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Post Type Field for ACF Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
3
3 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

50% escaped6 total outputs
Attack Surface

Post Type Field for ACF Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 3
filteracf/load_fieldpost-type-acf.php:129
actionadmin_noticespost-type-field-acf.php:31
actionacf/include_field_typespost-type-field-acf.php:36
Maintenance & Trust

Post Type Field for ACF Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedApr 29, 2025
PHP min version7.4
Downloads523

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Post Type Field for ACF Alternatives

Custom Post Type UI

Custom Post Type UI

custom-post-type-ui

A
93

Admin UI for creating custom content types like post types and taxonomies

1.0M 4 CVEs
Post Types Order

Post Types Order

post-types-order

A
100

Sort posts and custom post type objects using a drag-and-drop, sortable JavaScript AJAX interface, or through the default WordPress dashboard

600K No CVEs
Meta Box

Meta Box

meta-box

A
89

Meta Box plugin is a powerful, professional developer toolkit to create custom meta boxes and custom fields for your custom post types in WordPress.

500K 6 CVEs
Intuitive Custom Post Order

Intuitive Custom Post Order

intuitive-custom-post-order

A
99

Intuitively reorder Posts, Pages, Custom Post Types, Taxonomies, and Sites with a simple drag-and-drop interface.

400K 4 CVEs
Custom Post Type Permalinks

Custom Post Type Permalinks

custom-post-type-permalinks

A
92

Edit the permalink of custom post type.

200K No CVEs
Developer Profile

Post Type Field for ACF Developer Profile

Galaxy Weblinks

40 plugins · 25K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
310 days
View full developer profile
Detection Fingerprints

How We Detect Post Type Field for ACF

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/post-type-field-acf/post-type-acf.php

HTML / DOM Fingerprints

CSS Classes
apf_message
FAQ

Frequently Asked Questions about Post Type Field for ACF