Another round of simple security patches for the core forms and SEO plugins this time around.The main WordPress security patches for WordPress 5.4 should follow soon. We will update all plans except eCommerce websites straight away. All eCommerce extensions will need to be tested first for the core update.

WordPress forms (gravity) V2.4.18

  • Added security enhancements. Credit: Dominik Schilling.
  • Added a title attribute to the Ajax iframe to pass the W3 validator.
  • Added accessibility enhancements to the progress bar in multi-page forms.
  • Added the gform_post_enqueue_scripts action hook.
  • Added three new filters to control the display of buttons in rows two, three, and four of the paragraph field's rich text editor.
  • Added a logging statement to help identify the reason for the system report displaying the "Table has not been upgraded successfully" message.
  • Added support for filtering attributes for the [gravityforms] conditional action.
  • Updated credit card icons so that they are displayed properly on retina screens.
  • Updated one of the Field Type options to "Single Line Text" in Post Tags and Post Custom Field fields.
  • Updated the Members and User Role Editor integrations so the Logging and REST API capabilities are located in the Gravity Forms group instead of the GF Add-Ons group.
  • Fixed an issue introduced in GF where all block types would be available regardless of the types allowed by the WordPress allowed_block_types filter.
  • Fixed an issue where the multi-file upload field on some multi-page forms can display escaped multibyte unicode characters.
  • Fixed an issue where the title and description are displayed by the AJAX submission response when disabled on the Form block.
  • Fixed PHP notices which can occur when uploading a file without an extension.
  • Fixed credit card icons positioning.
  • Fixed a PHP warning which occurs when the gform_form_args filter does not return an array.
  • Fixed a PHP fatal error that occurs when the Gravity Forms Gutenberg Add-On (Experimental) is active.
  • Fixed an issue where Gravity Forms block assets are still enqueued when editing a page or post when the block type is disabled.
  • Fixed front-end merge tag replacement for the Email field, with confirmation input enabled, including values from both inputs.
  • Fixed PHP notices which occur when a currency code is passed to GFCommon::remove_currency_symbol().
  • Fixed an issue which prevents scripts and styles being enqueued correctly for forms embedded in reusable blocks.
  • Fixed alignment issues with Form block placeholder elements.
  • Fixed an issue where the spam filter link is not displayed on the Entries page when some third-party plugins mark entries as spam.
  • Fixed the product field mapping setting, in the form editor, not displaying the admin labels when available.
  • Fixed a PHP notice which occurs when using `GF_Field_Consent::get_value_export()` without specifying the input ID.
  • Fixed PHP notices on the Forms > System Status > Updates page when the plugin is installed in a custom directory.
  • Fixed an issue where notification routing initially displays the admin labels in the fields drop down but reverts to the front labels when a new rule is added.
  • Fixed an issue where entry limit and schedule validation errors are not displayed when processing Ajax submissions.
  • Fixed PHP 7.4 notices which occur when rendering a field without a form object e.g. the User Registration login form.
  • Fixed a PHP notice which can occur when validating the strength for the Password field.
  • Fixed PHP notices which occur when using the form title to embed the form and the form is not found.

WordPress Yoast SEO V14.2

  • Fixes a bug where breadcrumbs would be saved in reversed order.
  • Fixes a bug where setting Security: no advanced settings for authors to off would remove the advanced settings tab for all users.
  • Fixes a bug where replacement variables would not be replaced when using the deprecated WPSEO_Frontend output without echoing it.
  • Fixes a bug where our select2 styling would overwrite the select2 styling of other plugins.
  • Fixes a bug where JavaScript could be executed via the error message on the Social section in the Yoast Settings. As this potentially dangerous data is not saved, abusing this was not possible.

WordPress SG Cacher and Gzip compression V5.5.5

  • Improved Script Combinations Excluding Functionality
  • Improved Internationalisation
  • Improved Lazy Loading
  • Improved WooCommerce Support for 3rd Party Payment Gateways
  • Added Global JS exclude for Plugins with Known Issues
  • Added WP-Authorized-Net support
  • Added Facebook for WooCommerce support


Friday, June 5, 2020

« Back