The maintainers [1] and the Wordpress project’s core security team lead [2] said that the fix was already published, despite your blocking them from publishing it directly and irresponsibly disclosing the issue out of spite [3].

Was that not true?

[1] https://x.com/wp_acf/status/1843376378210857441

[2] https://x.com/johnbillion/status/1843750679141331039

[3] https://x.com/johnbillion/status/1842627564453454049