WordPress Managed - Package updates
-
[3.9.2]
- Fix session timeout issue with OIDC
-
[3.13.3]
- Update WordPress to 6.8.2
- Full Changelog
-
[3.13.4]
- Update WordPress to 6.8.3
- Full Changelog
-
[3.14.0]
- Update WordPress to 6.9
- Full Changelog
- Collaborate and stage content directly in your posts
- Block-level Notes
- Hide and Show blocks
- Visual drag and drop
- Allowed blocks UI and other workflow tools
- Enrich your content with creative blocks for improved storytelling
-
[3.14.1]
- Update openid-connect-generic to 3.10.1
-
[3.14.2]
- Update openid-connect-generic to 3.10.2
- Fix for regression caused by url handling improvements.
- Fix for issue #591 by @socialmedialabs in #592
-
[3.15.0]
- openid-connect-generic plugin replaced with renamed daggerhart-openid-connect-generic plugin
-
[3.15.1]
- Update WordPress to 6.9.1
- Full Changelog
-
[3.15.2]
- Update openid-connect-generic to 3.10.3
-
[3.16.0]
- Update openid-connect-generic to 3.11.3
- Add configurable issuer setting for JWT validation by @daggerhart in #639
- Fix JWT verification with Microsoft Entra ID JWKS by @daggerhart in #636
- 629: Fix to better match issuer in jwt validator by @daggerhart in #630
- Previous versions decoded JWT tokens without cryptographic verification
- Added proper JWT signature verification using JWKS (JSON Web Key Set)
- Implements
firebase/php-jwtlibrary for validation - Validates all required claims:
exp,aud,iss,iat,sub - Added signature verification for aggregated claims from secondary JWTs
- Prevents injection of forged claims
- Replaced unsafe HTTP functions with SSRF-protected alternatives
