WordPress Managed Hosting - 40% Off For 4 Months - Coupon Code: BFCM2020 Avail Now

WordPress 5.3.1 – Security and Maintenance Update

Moeez — December 13, 2019 2 Minutes Read
WordPress-5.3.1

WordPress 5.3.1 was released on 12 December and comes with plenty of bug fixes, enhancements, and security fixes.

Version 5.3.1 is mainly focused on security and maintenance features: around 46 bug fixes and enhancements are addressed in this release.

In most cases, whenever a new WordPress version is rolled out, users waste no time in updating their current version to avoid security threats. I’d personally suggest that you update your current version to WordPress 5.3.1 because the bugs squashed in new updates can make your website more vulnerable and an easy target for hackers.

To download WordPress 5.3.1, go to Dashboard > Updates and click Update Now. But If automatic updates are enabled on your WordPress, then this version will be already installed on your site.

Security Fixes

WordPress 5.3.1 addressed 4 security fixes and all the security vulnerabilities that were reported by the WordPress community.

Earlier versions of WordPress, from 3.7 to 5.3, all are affected by the following bugs that have been squashed in the new release:

  1. Any user with false access permission could make a post sticky via the REST API.
  2. An issue where cross-site scripting (XSS) could be stored in different links.
  3. Hardened wp_kses_bad_protocol() to ensure that it is aware of the named colon attribute.
  4. An issue with a stored XSS vulnerability where it’s using block editor content.

Maintenance Updates

There are numerous maintenance bugs in this version but I’ve highlighted some of the important issues like:

  1. The older versions had unstable form controls but version 5.3.1 introduced some remarkable CSS changes and some administration-level improvements. Core developers removed several top/bottom margin and padding and added standardize height for all control forms.
  2. The alternate color scheme readability issues.
  3. Issues with the block editor like fix Edge scrolling issues and intermittent JavaScript issues.
  4. Twenty-Twenty theme: add customizer option to show/hide author bio, replace smooth scroll with CSS and fix Instagram embed CSS.
  5. Date/time: improve non-GMT dates calculation, fix date format output in specific languages and make get_permalink() more resilient against PHP timezone changes.

List of File Revised

src/js/_enqueues/lib/admin-bar.js

src/js/_enqueues/wp/widgets/media.js

src/js/media/views/settings.js

src/wp-admin/css/about.css

src/wp-admin/css/color-picker.css

src/wp-admin/css/colors/_admin.scss

src/wp-admin/css/colors/_mixins.scss

src/wp-admin/css/colors/_variables.scss

src/wp-admin/css/common.css

src/wp-admin/css/customize-controls.css

src/wp-admin/css/dashboard.css

src/wp-admin/css/edit.css

src/wp-admin/css/forms.css

And many more

List of Updated Packages

@wordpress/block-editor@3.2.5

@wordpress/block-library@2.9.6

@wordpress/core-data@2.7.5

@wordpress/edit-post@3.8.6

@wordpress/editor@9.7.6

@wordpress/format-library@1.9.5

jquery-hoverintent@1.8.3

hoverintent@2.2.1

You can check out on their official release page where you will find the full documentation of enhancements, bug fixes, and more information.

Do you have any questions? Ping me at farhan@wpblog.com!

Create Faster WordPress Websites!

Free eBook on WordPress Performance right in your inbox.


Create Faster WordPress Websites!

Free eBook on WordPress Performance right in your inbox.

Moeez is ‘The’ blogger in charge of WPblog. He loves to interact and learn about WordPress with people in the WordPress community. Outside his work life, Moeez spends time hanging out with his friends, playing Xbox and watching football on the weekends. You can get in touch with him at moeez[at]wpblog.com.

THERE'S MORE TO READ

Newsletter

WordPress Help Zone - Ultimate WordPress Pit-Stop

Learning WordPress? Or are you expert enough to help others? Join our WP Facebook group!

Secured By miniOrange