WordPress 4.9.2 Update
A new version of WordPress has been released; all Bitmash sites have been automatically upgraded.
From the WordPress 4.9.2 release post: WordPress versions 4.9 and earlier are affected by an XSS vulnerability in the Flash fallback files in MediaElement 4.x, a library that is included with WordPress 4.9.
In addition to the security issue above, WordPress 4.9.2 contains 22 bug fixes.
Bundled Theme
- #42820 - Twenty Seventeen -watch that language
Customize
- #42492 - Selecting menu location changes line height
- #42871 - Features box textstrings in Feature Filter area need new linebreak
Database
- #42812 - Use MySQLi when available by default
Editor
- #42664 - Editor link autocomplete suggestions: no fallback title displayed for posts with no title
- #43012 - Cannot Update Post in Firefox Due to Editor and TinyMCE JavaScript TypeErrors
External Libraries
- #42439 - Update random_compat external library for PHP 7 linting failure
Formatting
- #42578 - PHP functions inside <p> tags creates new <p> tag, breaking the parent tag into two.
Media
- #42225 - Whitelist Flac Files
- #42447 - Mark test_remove_orientation_data_on_rotate as skipped when exif_read_data isn't available
- #42480 - Consistent suppression of `getimagesize()` errors
- #42720 - Remove unnecessary MediaElement.js files
Plugins
- #43082 - Add plugins search results: the plugin details modal opens in the thickbox modal
REST API
- #42828 - Hard-coded 403 status in REST response should use `rest_authorization_required_code()`
Taxonomy
- #42771 - WP_Term::get_instance() regression for non-category terms queried with 'category' taxonomy
- #42605 - category_description() does not work properly since 4.9
- #42717 - get_category_link() accepting object but not id
TinyMCE
- #42416 - Code assumes iframe mode, exception in inline mode
Upgrade/Install
- #42963 - Improve deletion of $_old_files during upgrades
Widgets