WordPress Managed - Package updates
Pinned
WordPress (Managed)
-
[2.10.2]
- Update WordPress to 5.4.2
- Release post
- Props to Sam Thomas (jazzy2fives) for finding an XSS issue where authenticated users with low privileges are able to add JavaScript to posts in the block editor.
- Props to Luigi – (gubello.me) for discovering an XSS issue where authenticated users with upload permissions are able to add JavaScript to media files.
- Props to Ben Bidner of the WordPress Security Team for finding an open redirect issue in wp_validate_redirect().
- Props to Nrimo Ing Pandum for finding an authenticated XSS issue via theme uploads.
- Props to Simon Scannell of RIPS Technologies for finding an issue where set-screen-option can be misused by plugins leading to privilege escalation.
- Props to Carolina Nymark for discovering an issue where comments from password-protected posts and pages could be displayed under certain conditions.
-
[2.12.0]
- Update WordPress to 5.5 "Eckstine"
- Release post
- Make php.ini customizable via /app/data/php.ini
- Fix bug where the CLI tool was served up in the "/wp" path
- Posts and pages feel faster, thanks to lazy-loaded images.
- Say hello to your new sitemap.
- Highlights from the block editor
- Server-side registered blocks in the REST API
-
[2.16.2]
- Update WordPress to 5.6.1
- Release announcement
- #51056: Fetch_feed parsing of permalinks triggers simplepie preg_match warnings
- #52327: Requested updates to the PHP Update Alert
- #51940: The schema for the taxonomy property of a term in the REST API should not include all taxonomies
- #51980: App Passwords: ‘Add New Application Password’ submit button is hidden on mobile devices in ‘User Profile’ page
- #51995: WordPress 5.6: Classic editor menu is not sticky
- Update wp-redis and wp-smtp plugins to latest in the default installation
-
[2.17.1]
- Update WordPress to 5.6.2
- Release announcement
- #52440: Prevent the “Leave site” browser alert in Classic Editor when post title, excerpt, or post content fields are missing.
- #52396: Image options are not visible in pop up when the clicking replace button from Image block.
- #52449: Can’t change font size the 5.6.1 paragraph block.