WordPress 4.9.7

WordPress 4.9.7 is now available. This maintenance and security release fixes 17 bugs.

Download WordPress 4.9.7 or visit Dashboard → Updates and click “Update Now”. Sites that support automatic background updates are already beginning to update automatically.

Thank you to everyone who contributed to WordPress 4.9.7:

1naveengiriAaron JorbinabdullahramzanalejandroxlopezAndrew OzzArunBirgir Erlendsson (birgire)BjornWBoone GorgesBrandon KraftChetan PrajapatiDavid HerreraFelix ArntzGarethIan DunnibelangerJohn BlackbournJonathan Desrosiers, JoykhaihonglbenicioLeander IversenmermelmetalandcoffeeMigrated to @jeffpaul, palmiakSergey BiryukovskoldinSubrata SarkarTowhidul Islamwarmlaundry, and YuriV.

WordPress versions 4.9.6 and earlier are affected by a file deletion issue where a user with the capability to edit and delete media files could potentially manipulate media metadata to attempt to delete files outside the uploads directory.

Thank you to Slavco for reporting the original issue and Matt Barry for reporting related issues.

Other highlights of 4.9.7 include:

  • TaxonomyTaxonomy A taxonomy is a way to group things together. In WordPress, some common taxonomies are category, link, tag, or post format. https://codex.wordpress.org/Taxonomies#Default_Taxonomies.: Improve cache handling for term queries.
  • Posts, Post Types: Clear post password cookie when logging out.
  • Widgets: Allow basic HTMLHTML HyperText Markup Language. The semantic scripting language primarily used for outputting content in web browsers. tags in sidebarSidebar A sidebar in WordPress is referred to a widget-ready area used by WordPress themes to display information that is not a part of the main content. It is not always a vertical column on the side. It can be a horizontal rectangle below or above the content area, footer, header, or any where in the theme. descriptions on Widgets adminadmin (and super admin) screen.
  • Community Events Dashboard: Always show the nearest WordCampWordCamp WordCamps are casual, locally-organized conferences covering everything related to WordPress. They're one of the places where the WordPress community comes together to teach one another what they’ve learned throughout the year and share the joy. Learn more. if one is coming up, even if there are multiple Meetups happening first.
  • Privacy: Make sure default privacy policy content does not cause a fatal error when flushing rewrite rules outside of the admin context.

You can see the full list of changes in TracTrac An open source project by Edgewall Software that serves as a bug tracker and project management tool for WordPress..

The previously scheduled 4.9.7 is now referred to as 4.9.8, and will follow the release schedule posted yesterday.

#minor-releases, #security