Das WordPress Team hat das Update 4.9.1 veröffentlicht. Mit diesem Update werden 4 Sicherheitslücken, die in allen Versionen existieren, sowie 11 Fehler behoben.
WordPress 4.9.1 Release Notes
- Use a properly generated hash for the
newbloguserkey instead of a determinate substring. - Add escaping to the language attributes used on
htmlelements. - Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds.
- Remove the ability to upload JavaScript files for users who do not have the
unfiltered_htmlcapability.
- #42573: File caching affecting users’ ability to use the plugin and theme file editors.
- #42574: MediaElement upgrade causing JS errors when certain languages are in use.
- #42579: Incorrect logic in
extract_from_markers(). - #42454: Unable to translate Codex URL in theme editor.
- #42609: Theme editor cannot edit files when running on a Windows server.
- #42628:
flatten_dirlist()doesn’t play nice with folders with numeric names. - #42634:
DB_HOSTsocket paths with colons not parsed correctly. - #42641: On multisite upgrade the
wp_blog_versionstable doesn’t get updated - #42673: Themes page throws console error when there is only one installed theme
- #42242:
langattribute in the admin area doesn’t reflect a user’s language setting