WordPress 5.1.1 Security and Maintenance Release

  • Upgrade Your Account to download resource
    Hello Guest ! Upgrade your account to download from our sections Here.
    How to upgrade your account to download resources Learn More.
    Guest need to read through our rules and regulations Learn More.

XenforoX

Administrator
Staff member
Administrator
May 29, 2018
891
143
43
#1
WordPress 5.1.1 is now available! This security and maintenance release introduces 10 fixes and enhancements, including changes designed to help hosts prepare users for the minimum PHP version bump coming in 5.2.

This release also includes a pair of security fixes that handle how comments are filtered and then stored in the database. With a maliciously crafted comment, a WordPress post was vulnerable to cross-site scripting.

WordPress versions 5.1 and earlier are affected by these bugs, which are fixed in version 5.1.1. Updated versions of WordPress 5.0 and earlier are also available for any users who have not yet updated to 5.1.

Props to Simon Scannell of RIPS Technologies who discovered this flaw independent of some work that was being done by members of the core security team. Thank you to all of the reporters for privately disclosing the vulnerabilities, which gave us time to fix them before WordPress sites could be attacked.

Other highlights of this release include:

  • Hosts can now offer a button for their users to update PHP.
  • The recommended PHP version used by the “Update PHP” notice can now be filtered.
  • Several minor bug fixes.

You can browse the full list of changes on Trac.

WordPress 5.1.1 was a short-cycle maintenance release. Version 5.1.2 is expected to follow a similar two week release cadence.

You can download WordPress 5.1.1 or visit Dashboard → Updates and click Update Now. Sites that support automatic background updates have already started to update automatically.

In addition to the security researcher mentioned above, thank you to everyone who contributed to WordPress 5.1.1:

Aaron Jorbin, Alex Concha, Andrea Fercia, Andy Fragen, Anton Vanyukov, Ben Bidner, bulletdigital, David Binovec, Dion Hulse, Felix Arntz, Garrett Hyder, Gary Pendergast, Ian Dunn, Jake Spurlock, Jb Audras, Jeremy Felt, Johan Falk, Jonathan Desrosiers, Luke Carbis, Mike Schroder, Milan Dinić, Mukesh Panchal, Paul Biron, Peter Wilson, Sergey Biryukov, and Weston Ruter.
 

Similar threads

About us

  • Our community has been around for many years and pride ourselves on offering unbiased, critical discussion among people of all different backgrounds. We are working every day to make sure our community is one of the best.

Quick Navigation

User Menu

Follow us on Facebook