WordPress Managed - Package updates
Pinned
WordPress (Managed)
-
Pushed a new 'Managed WP' package version 2.10.0 now:
- WordPress has been updated to version 5.4.1
- Now uses PHP 7.3
-
Pushed a new 'Unmanaged WP' package version 2.2.0 that installed WP 5.4.1 by default.
-
Both managed and unmanaged WP got updates to install the missing
php-imagick -
[2.10.2]
- Update WordPress to 5.4.2
- Release post
- Props to Sam Thomas (jazzy2fives) for finding an XSS issue where authenticated users with low privileges are able to add JavaScript to posts in the block editor.
- Props to Luigi – (gubello.me) for discovering an XSS issue where authenticated users with upload permissions are able to add JavaScript to media files.
- Props to Ben Bidner of the WordPress Security Team for finding an open redirect issue in wp_validate_redirect().
- Props to Nrimo Ing Pandum for finding an authenticated XSS issue via theme uploads.
- Props to Simon Scannell of RIPS Technologies for finding an issue where set-screen-option can be misused by plugins leading to privilege escalation.
- Props to Carolina Nymark for discovering an issue where comments from password-protected posts and pages could be displayed under certain conditions.
-
[2.11.0]
- Update authLdap to 2.4.2
- Fix manifest screenshots, forum url and post install
-
[2.11.1]
- Update WP Mail STMP to 2.2.1
- Update themes and plugins to latest version on first run
-
[2.12.0]
- Update WordPress to 5.5 "Eckstine"
- Release post
- Make php.ini customizable via /app/data/php.ini
- Fix bug where the CLI tool was served up in the "/wp" path
- Posts and pages feel faster, thanks to lazy-loaded images.
- Say hello to your new sitemap.
- Highlights from the block editor
- Server-side registered blocks in the REST API
-
[2.12.1]
- Update WordPress to 5.5.1
- Update smtp plugin to 2.3.1
- Make wp-admin without trailing slash work
-
[2.13.0]
- Update PHP to 7.4
-
[2.14.0]
- For new installations, always create an admin user. Cloudron users get 'editor' role by default.
- Update WP Mail SMTP to 2.5.0
- Log the real IP
- Use mod_rpaf
- Enable FTP
-
[2.14.1]
- Update WordPress to 5.5.3
- Release blog
-
[2.15.0]
- Install ioncube load extension
- Update WP Mail SMTP to 2.5.1
-
[2.16.0]
- Update WordPress to 5.6. "Simone"
- Release post
- Greater layout flexibility
- More block patterns
- Better video captioning
- Twenty Twenty-One is here!
- Expanding auto-updates
- Accessibility Statement
-
[2.16.1]
- Update wp-redis and wp-smtp plugins to latest in the default installation
- Rename authLdap plugin to authldap, so that upgrade works via WP dashboard
-
[2.16.2]
- Update WordPress to 5.6.1
- Release announcement
- #51056: Fetch_feed parsing of permalinks triggers simplepie preg_match warnings
- #52327: Requested updates to the PHP Update Alert
- #51940: The schema for the taxonomy property of a term in the REST API should not include all taxonomies
- #51980: App Passwords: ‘Add New Application Password’ submit button is hidden on mobile devices in ‘User Profile’ page
- #51995: WordPress 5.6: Classic editor menu is not sticky
- Update wp-redis and wp-smtp plugins to latest in the default installation
-
[2.17.0]
- Update base image to v3
- use smtp mailer instead of wp-mail-smtp
-
[2.17.1]
- Update WordPress to 5.6.2
- Release announcement
- #52440: Prevent the “Leave site” browser alert in Classic Editor when post title, excerpt, or post content fields are missing.
- #52396: Image options are not visible in pop up when the clicking replace button from Image block.
- #52449: Can’t change font size the 5.6.1 paragraph block.
-
[2.17.2]
- Update wp-mail-smtp plugin which allows changing Mail From without having to re-enter password
-
[2.18.0]
- Update WordPress to 5.7
- WP Admin: A new color palette
- New Robots API
- Ongoing cleanup after update to jQuery 3.5.1
- Lazy-load your iframes
