The latest WordPress version 4.9.5 was released on April 4 and contains security related and bug fixes. The fixes are for three security issues in WordPress 4.9.4 or earlier as well as 25 bugs in WordPress 4.9.5. Because the vulnerabilities could be exploited, WordPress recommends to install the update as soon as possible.
The fixes are:
- WordPress doesn’t treat
localhostas same host by default. - It uses now safe redirects when redirecting the login page if SSL is forced.
- WordPress makes sure the version string is correctly escaped for use in generator tags.
- The previous styles on caption shortcodes have been restored.
- Cropping on touch screen devices is now supported.
- A variety of strings such as error messages have been updated for better clarity.
- The position of an attachment placeholder during uploads has been fixed.
- Custom nonce functionality in the REST API JavaScript client has been made consistent throughout the code base.
- Improved compatibility with PHP 7.2.
Remember to create backups regulary to prevent data loss.
(Beitragsbild von monsitj)
