Maintenance Update 11.6
WordPress 5.1.1 is now available! This security and maintenance release introduces 14 fixes and enhancements.
This release also includes a pair of security fixes that handle how comments are filtered and then stored in the database. With a maliciously crafted comment, a WordPress post was vulnerable to cross-site scripting. WordPress versions 5.1 and earlier are affected by these bugs, which are fixed in version 5.1.1.
Other highlights of this release include:
- Hosts can now offer a button for their users to update PHP.
- The recommended PHP version used by the “Update PHP” notice can now be filtered.
- Several minor bug fixes.
WordPress Security V7.3.2
- Tweak: Allow the log description column to word break for URLs or other strings with no spaces.
- Bug Fix: Hide Backend bypass on certain Apache configurations.
- Bug Fix: Properly return error that occurs during a backup.
- Bug Fix: Regex warning on PHP 7.3 in the File Change module.
- Bug Fix: Resolve warning when a user is set to “No Role”.
WordPress caching and speed V5.1.1
- Improved cache invalidation for combined styles
- Cache purge from the admin bar now handles combined files too
- Added filter to exclude images from Lazy Loading
- Added filter to exclude pages from HTML Minification
- Added Filter to query params from HTML Minification
- Added PHP 7.3 support
User role editor V4.5
- PHP version 5.5 was marked as required.
- Update: General code restructure and optimization.
- Update: URE_Base_Lib::get_blog_ids() returns null, if it’s called under WordPress single site (not multisite).
- Update: URE_Editor::prepare_capabilities_to_save() : “Invalid argument supplied for foreach()” warning was excluded in case there was no valid data structures initialization.
- Update: ‘administrator’ role protection was enhanced. URE always does not allow to revoke capability from ‘administrator’ role. That was possible earlier after the ‘administrator’ role update.
- Update: 2 new actions ‘ure_settings_tools_show’ and ‘ure_settings_tools_exec’ allows to extends the list of sections available at the Settings->User Role Editor->Tools tab.
WordPress Forms V2.4.6
- Added security enhancements.
- Added aria-describedby to some single input fields including: Consent, Text, Textarea, and Website.
- Updated link in disable logging notice to immediately disable logging.
- Fixed an accessibility issue with the total field where screen readers don't announce the total amount when it changes.
- Fixed multi-column List fields within Repeater fields appearing as Array during export.
- Fixed a fatal error which can occur when using GFFormsModel::media_handle_upload() to upload a video file to the media library.
- Fixed an accessibility issue with the color contrast of the character counter on a white background.
- Fixed character counter not announcing updated character limit to screenreaders on fields with a maximum character count defined.
- Fixed the replacement method name in the GFFormsModel::purge_expired_incomplete_submissions() deprecation notice.
- Fixed an issue with the default symbols for the Repeater field buttons and removed the title attribute.
- Fixed the placeholder option not being added to drop down type fields when the placeholder is 0.
- Fixed an issue with some Address field sub-labels when the form is displayed.
- Fixed the input mask type setting reverting to the standard choice after some custom masks are configured.
- Fixed an issue that frontend feeds can't be activated after the conditional logic is disabled.
- Removed "Not Checked" rule for the consent field in conditional logic JS. Use "not is" "checked" instead.
- Fixed issue where conditionally hidden Drop Down fields were evaluated as having a value via conditional logic.
- Fixed an issue where use of some special characters, such as quotes, in the List field column label could prevent submission of the input value.
- Fixed an issue with the Rich Text Editor height when the Paragraph or Post Body field is displayed by conditional logic.
- Fixed some properties not being reset when the Product field input type is changed causing issues for the front-end calculations and conditional logic.
- API: Added GFAPI::entry_exists() to check if an entry exists for the supplied ID.
- API: Fixed returning repeater subfields via GFAPI::get_field()
- API (internal): Added GFExport::get_entry_export_line() for getting the line to be included in the export for the entry being processed.
- API (internal): Added support for IS/IS NOT NULL operations in GF_Query.
WordPress SEO V10.0
- Fixes a bug where the
focus keyphrasesnippet variable was not correctly applied on term pages.
- Fixes a bug where the Facebook image that was set for the WooCommerce Shop page would not be outputted as
- Fixes a bug where the featured image set on a WooCommerce Shop page would not be outputted as Facebook OpenGraph Image or Twitter Image.
- Fixes a bug where backslashes and consecutive double quotes would be removed from the focus keyphrase when saving a post or term.
- Fixes a bug where backslashes would be removed from the breadcrumb title, focus keyphrase, title or meta description when saving a term.
Sunday, March 10, 2019