{"id":12421,"date":"2022-03-11T02:24:13","date_gmt":"2022-03-11T02:24:13","guid":{"rendered":"https:\/\/wordpress.org\/news\/?p=12421"},"modified":"2022-11-18T22:49:54","modified_gmt":"2022-11-18T22:49:54","slug":"wordpress-5-9-2-security-maintenance-release","status":"publish","type":"post","link":"https:\/\/wordpress.org\/news\/2022\/03\/wordpress-5-9-2-security-maintenance-release\/","title":{"rendered":"WordPress 5.9.2 Security and Maintenance Release"},"content":{"rendered":"\n<p><strong>WordPress 5.9.2&nbsp;<\/strong>is now available!<\/p>\n\n\n\n<p>This security and maintenance release features <a href=\"https:\/\/core.trac.wordpress.org\/ticket\/54578\">1 bug fix<\/a> in addition to 3 security fixes. Because this is a <strong>security release<\/strong>, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated.<\/p>\n\n\n\n<p>WordPress 5.9.2 is a security and maintenance release. The next major release will be version&nbsp;<a href=\"https:\/\/make.wordpress.org\/core\/6-0\/\">6.0<\/a>.<\/p>\n\n\n\n<p>You can&nbsp;<a href=\"https:\/\/wordpress.org\/wordpress-5.9.2.zip\">download WordPress 5.9.2 from WordPress.org<\/a>, or visit your Dashboard&nbsp;\u2192 Updates and click \u201cUpdate Now\u201d.<\/p>\n\n\n\n<p>If you have sites that support automatic background updates, they\u2019ve already started the update process.<\/p>\n\n\n\n<p>The security team would like to thank the following people for responsively reporting vulnerabilities, allowing them to be fixed in this release:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Melar Dev, for finding a Prototype Pollution Vulnerability in a jQuery dependency<\/li><li>Ben Bidner&nbsp;of the WordPress security team, for finding a Stored Cross Site Scripting Vulnerability<\/li><li>Researchers from <em>Johns Hopkins University, <\/em>for finding a Prototype Pollution Vulnerability in the block editor<\/li><\/ul>\n\n\n\n<p>For more information, browse the&nbsp;<a href=\"https:\/\/core.trac.wordpress.org\/query?milestone=5.9.2&amp;group=component&amp;col=id&amp;col=summary&amp;col=owner&amp;col=type&amp;col=status&amp;col=priority&amp;col=milestone&amp;order=priority\">full list of changes<\/a>&nbsp;on Trac, or check out the&nbsp;<a href=\"https:\/\/wordpress.org\/support\/wordpress-version\/version-5-9-2\/\">version 5.9.2 HelpHub documentation page<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"thanks-and-props\">Thanks and props!<\/h2>\n\n\n\n<p>The 5.9.2 release was led by <a href=\"https:\/\/profiles.wordpress.org\/audrasjb\/\">Jb Audras<\/a>, with the help of <a href=\"https:\/\/profiles.wordpress.org\/jorgefilipecosta\/\">Jorge Costa<\/a> on package updates, <a href=\"https:\/\/profiles.wordpress.org\/sergeybiryukov\/\">Sergey Biryukov<\/a> on mission control, and <a href=\"https:\/\/profiles.wordpress.org\/davidbaumwald\/\">David Baumwald<\/a> on backport commits.<\/p>\n\n\n\n<p>In addition to the release squad members and security researchers mentioned above, thank you to everyone who helped make WordPress 5.9.2 happen:<\/p>\n\n\n\n<p class=\"is-style-wporg-props-short alignfull\"><a href=\"https:\/\/profiles.wordpress.org\/alanjacobmathew\/\">Alan Jacob Mathew<\/a>, <a href=\"https:\/\/profiles.wordpress.org\/xknown\/\">Alex Concha<\/a>, <a href=\"https:\/\/profiles.wordpress.org\/oandregal\/\">Andr\u00e9<\/a>, <a href=\"https:\/\/profiles.wordpress.org\/antonvlasenko\/\">Anton Vlasenko<\/a>, <a href=\"https:\/\/profiles.wordpress.org\/davidbaumwald\/\">David Baumwald<\/a>, <a href=\"https:\/\/profiles.wordpress.org\/ehtis\/\">ehtis<\/a>, <a href=\"https:\/\/profiles.wordpress.org\/audrasjb\/\">Jb Audras<\/a>, <a href=\"https:\/\/profiles.wordpress.org\/sergeybiryukov\/\">Jorge Costa<\/a>, <a href=\"https:\/\/profiles.wordpress.org\/peterwilsoncc\/\">Peter Wilson<\/a>, <a href=\"https:\/\/profiles.wordpress.org\/sergeybiryukov\/\">Sergey Biryukov<\/a>, <a href=\"https:\/\/profiles.wordpress.org\/hellofromTonya\/\">Tonya Mork<\/a>, and <a href=\"https:\/\/profiles.wordpress.org\/ironprogrammer\/\">ironprogrammer<\/a>.<\/p>\n\n\n\n<p class=\"has-text-align-right has-small-font-size\"><em>Props <a href='https:\/\/profiles.wordpress.org\/davidbaumwald\/' class='mention'><span class='mentions-prefix'>@<\/span>davidbaumwald<\/a> and <a href='https:\/\/profiles.wordpress.org\/sergeybiryukov\/' class='mention'><span class='mentions-prefix'>@<\/span>sergeybiryukov<\/a> for peer review.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>WordPress 5.9.2&nbsp;is now available! This security and maintenance release features 1 bug fix in addition to 3 security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated. WordPress 5.9.2 is a security and maintenance release. The next major release [&hellip;]<\/p>\n","protected":false},"author":8670591,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"episode_type":"","audio_file":"","cover_image":"","cover_image_id":"","duration":"","filesize":"","date_recorded":"","explicit":"","block":"","filesize_raw":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[14,15],"tags":[404,437,173],"class_list":["post-12421","post","type-post","status-publish","format-standard","hentry","category-releases","category-security","tag-5-9","tag-minor-releases","tag-security","mentions-davidbaumwald","mentions-sergeybiryukov"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pZhYe-3el","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/posts\/12421","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/users\/8670591"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/comments?post=12421"}],"version-history":[{"count":24,"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/posts\/12421\/revisions"}],"predecessor-version":[{"id":12503,"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/posts\/12421\/revisions\/12503"}],"wp:attachment":[{"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/media?parent=12421"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/categories?post=12421"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/tags?post=12421"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}