WordPress (Developer) - Package Updates

girish

[2.16.2]

• Update redis-cache to 2.2.0
• Enable mod_ext_filter

girish

[2.16.3]

• Update WordPress to 6.0.3
• Release announcement
• Stored XSS via wp-mail.php (post by email) – Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. via JPCERT
• Open redirect in wp_nonce_ays – devrayn
• Sender’s email address is exposed in wp-mail.php – Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. via JPCERT
• Media Library – Reflected XSS via SQLi – Ben Bidner from the WordPress security team and Marc Montpas from Automattic independently discovered this issue

girish

[2.17.0]

• Update WordPress to 6.1
• Release announcement
• Twenty Twenty-Three: A fresh default theme with 10 distinct style variations
• New templates for an improved creator experience
• Design tools for more consistency and control
• Manage menus with ease
• Cleaner layouts and document settings visualization
• One-click lock setting for all inner blocks
• Improved block placeholders
• Compose richer lists and quotes with inner blocks
• More Responsive text with fluid typography
• Add starter patterns to any post type
• A streamlined style system

girish

[3.0.0]

• Update PHP to 8.1 - Please check compatibility of plugins after the upgrade.

girish

[3.0.1]

• Update WordPress to 6.1.1
• Release announcement

girish

[3.0.2]

• Fix path to ioncube loader

girish

[3.0.3]

• Update base image to 4.0.0

girish

[3.0.4]

• Fix cron to not skip plugins/themes

girish

[3.1.0]

• Update WordPress to 6.2
• Release announcement
• Meet the reimagined Site Editor
• Manage your menu in more ways with the Navigation block
• Discover a smoother experience for the Block Inserter
• Find the controls you want when you need them
• Build faster with headers and footers for block themes
• Explore Openverse media right from the Editor
• Focus on writing with Distraction Free mode
• Experience the Site Editor, now out of beta
• Meet the new Style Book
• Copy and paste styles
• Custom CSS
• Sticky positioning
• Importing widgets
• Local fonts in themes

girish

[3.1.1]

• Update WordPress to 6.2.1
• Update redis and smtp plugin
• Announcement
• Block themes parsing shortcodes in user generated data; thanks to Liam Gladdy of WP Engine for reporting this issue
• A CSRF issue updating attachment thumbnails; reported by John Blackbourn of the WordPress security team
• A flaw allowing XSS via open embed auto discovery; reported independently by Jakub Żoczek of Securitum and during a third party security audit
• Bypassing of KSES sanitization in block attributes for low privileged users; discovered during a third party security audit.
• A path traversal issue via translation files; reported independently by Ramuel Gall and during a third party security audit.

girish

[3.1.2]

• Update WordPress to 6.2.2
• Announcement
• Block themes parsing shortcodes in user-generated data; thanks to Liam Gladdy of WP Engine for reporting this issue.

girish

[3.2.0]

• Update WordPress to 6.3
• Announcement
• Do everything in the Site Editor
• Preview Block themes
• Create and sync patterns
• Work faster with the Command Palette
• Sharpen your designs with new tools
• Track design changes with Style revisions
• Annotate with the Footnotes block

girish

[3.2.1]

• Update WordPress to 6.3.1
• Announcement

girish

[3.2.2]

• Update LDAP Plugin to 2.5.8

girish

[3.2.3]

• Update LDAP Plugin to 2.5.9

girish

[3.2.4]

• Update default WordPress to 6.3.2
• Announcement

girish

[3.2.5]

• Update WP CLI to 2.9.0

girish

[3.2.6]

• Remove the wp-convert-multisite tool

girish

[3.3.0]

• Update WordPress to 6.4
• Announcement
• Meet Twenty Twenty-Four
• The Command Palette just got better
• Categorize and filter patterns
• Get creative with more design tools
• Make your images stand out
• Rename Group blocks
• Preview images in List View

girish

[3.3.1]

• Update WordPress to 6.4.1
• Announcement