Mautic - Package Updates

Package Updates

[5.0.0]

• This is a major version update. Make sure all used plugins are compatible first.
• Update mautic to 6.0.0
• Full Changelog
• Remove deprecated GenericPointSettingsType for M6 by @putzwasser in #13904
• Removing the Gated Video feature by @escopecz in #14284
• Use the new Symfony authenticator system. by @biozshock in #14219
• [UI] Remove Froala styles by @andersonjeccel in #14271
• Upgrading Mautic to Symfony 6 by @escopecz in #13962
• [UI] Remove Font Awesome by @andersonjeccel in #14265
• Removing the legacy builder by @escopecz in #14450
• Removed MauticFactory::getDatabase. by @biozshock in #14418
• Removed MauticFactory::getIpAddressFromRequest and MauticFactory::getDate. by @biozshock in #14564
• Removed MauticFactory::getParameter. by @biozshock in #14565

Package Updates

[5.0.1]

• Update mautic to 6.0.1
• Full Changelog
• Fix #14804: Hamburger menu issue on mobile by @pelbox in https://github.com/mautic/mautic/pull/14886
• Fix #14457: Contact names with ampersands not showing in search by @goma101 in https://github.com/mautic/mautic/pull/14818
• Fix #14240: Blank link shown in theme actions dropdown by @pedroasgomes in https://github.com/mautic/mautic/pull/14833
• Fix: More trust settings: shows labels without inputs by @Krishu0765 in https://github.com/mautic/mautic/pull/14934
• Fix SMS duplicate send by @kuzmany in https://github.com/mautic/mautic/pull/14874
• Fixing migrations' preup checks by @escopecz in https://github.com/mautic/mautic/pull/14824
• Add migration preup checks by @matbcvo in https://github.com/mautic/mautic/pull/14852
• Allow more time window to make test valid. by @biozshock in https://github.com/mautic/mautic/pull/14918

Package Updates

[5.0.2]

• Update mautic to 6.0.2
• Full Changelog
• CVE-2025-5257 - Predictable Page Indexing Might Lead to Sensitive Data Exposure - Reported and fixed by @lenonleite and tested/reviewed by @escopecz and @kuzmany in https://github.com/mautic/mautic/security/advisories/GHSA-cqx4-9vqf-q3m8
• CVE-2024-47056 - Mautic does not shield .env files from web traffic - Reported by @r3ky, analyzed by @lenonleite fixed by @nick-vanpraet and tested/reviewed by @patrykgruszka in https://github.com/mautic/mautic/security/advisories/GHSA-h2wg-v8wg-jhxh
• CVE-2024-47057 - User name enumeration possible due to response time difference on password reset form - Reported and fixed by @tomekkowalczyk and reviewed by @patrykgruszka and @nick-vanpraet in https://github.com/mautic/mautic/security/advisories/GHSA-424x-cxvh-wq9p
• CVE-2024-47055 - Segment cloning doesn't have a proper permission check - Reported and fixed by @abhisekmazumdar and @nick-vanpraet and tested/reviewed by @patrykgruszka in https://github.com/mautic/mautic/security/advisories/GHSA-vph5-ghq3-q782
• CVE-2025-5256 - Open Redirect vulnerability on user unlock path - Reported and fixed by @tomekkowalczyk, tested/reviewed by @patrykgruszka and @nick-vanpraet in https://github.com/mautic/mautic/security/advisories/GHSA-6vx9-9r2g-8373
• fix #14449: Dynamic Content in emails - not all variants visible in editor by @Krishu0765 in https://github.com/mautic/mautic/pull/14966