WordPress 6.0.2, Security and Maintenance Edition

WordPress has just published WordPress 6.0.2 from the OpenSource CMS. This update fixes vulnerabilities, so it is highly recommended that you install it as soon as possible!

This security and maintenance release includes:

  • 12 bug fixes on the CMS kernel,
  • 5 bug fixes for block editor,
  • 3 security fixes.

Since this is a security release, it is recommended that you update your WordPress sites immediately.

All versions since WordPress 3.7 have also been updated with relevant fixes.

WordPress 6.0.2 is a short-cycle version. The next major release of WordPress will be version 6.1 due on November 1, 2022.

If your sites support automatic updates in the background, the update process will usually start automatically.

Alternatively, you can download WordPress 6.0.2 from WordPress.org, or go to your WordPress dashboard, click on ” Updatesthen on update now“.

3 security updates built into this version 6.0.2:

The WordPress security team was alerted by 3 different people to 3 security issues. This made it possible to patch these vulnerabilities in the new version of WordPress:

  1. A possible SQL entry in the Link API has been fixed;
  2. An XSS vulnerability was reported on the extensions page and then fixed;
  3. Output escape problem in the_meta().

These three flaws have been corrected in this version 6.0.2.

6.0.2 Update Details

The following tickets have been fixed:

  • 56112 – Allow remote styles to be saved in theme.json when base styles are disabled.
  • 56184 – register_block_type does not recognize a ‘ancestor’ block parameter.
  • 56210 – What is the problem with the design of the new page in the WordPress core
  • 56225 – @since 6.1.0 appear in 6.0.1
  • 56271 – Custom form parts are duplicated rather than updated (PHP 5.6)
  • 56402 – Moment.js . needs to be updated
  • 56414 – Gutenberg bug fixes migrated to Core for WP 6.0.2

The following GitHub block editor issues have been fixed:

  • PR40656 – Remove sticky posts parameter when inheriting query
  • PR41101 – [Bibliothèque de blocs – Boucle de requête] : Move the label control to a separate file
  • PR42539 – Docs: add variations key to define JSON block.json schema
  • PR42975 – Block Styles: To trim long button labels
  • PR43221 – Prevent request block from repeating in classic layout

source

Leave a Comment