WordPress 5.1.1 is currently offered! This protection as well as upkeep launch presents 14 repairs as well as improvements, consisting of modifications developed to aid hosts prepare customers for the minimum PHP version bump coming in 5.2
This launch likewise consists of a set of protection repairs that take care of just how remarks are filteringed system and after that saved in the data source. With a maliciously crafted remark, a WordPress blog post was at risk to cross-site scripting.
WordPress variations 5.1 as well as earlier are impacted by these pests, which are repaired in variation 5.1.1. Upgraded variations of WordPress 5.0 as well as earlier are likewise offered for any type of customers that have actually not yet upgraded to 5.1.
Props to Simon Scannell of RIPS Technologies that found this imperfection independent of some job that was being done by participants of the core protection group. Thanks to every one of the press reporters for privately disclosing the vulnerabilities, which offered us time to repair them prior to WordPress websites can be assaulted.
Various other highlights of this launch consist of:
- Hosts can currently provide a switch for their customers to upgrade PHP.
- The suggested PHP variation utilized by the “Update PHP” notification can currently be filteringed system.
- A number of small insect repairs.
You can surf the full list of changes on Trac
WordPress 5.1.1 was a short-cycle upkeep launch. Version 5.1.2 is anticipated to adhere to a comparable 2 week launch tempo.
You can download and install WordPress 5.1.1 or browse through Control Panel → Updates as well as click Update Currently Websites that sustain automated history updates have actually currently begun to upgrade instantly.
Along with the protection scientist pointed out over, thanks to everybody that added to WordPress 5.1.1:
Aaron Jorbin, Alex Concha, Andrea Fercia, Andy Fragen, Anton Vanyukov, Ben Bidner, bulletdigital, David Binovec, Dion Hulse, Felix Arntz, Garrett Hyder, Gary Pendergast, Ian Dunn, Jake Spurlock, Jb Audras, Jeremy Felt, Johan Falk, Jonathan Desrosiers, Luke Carbis, Mike Schroder, Milan Dinić, Mukesh Panchal, Paul Biron, Peter Wilson, Sergey Biryukov, as well as Weston Ruter.