Software Update: WordPress 5.7.1

Version 5.7.1 of WordPress has been released. With this program, which is made available under a GPL license, it is possible to set up and maintain a website or blog. WordPress is easy to set up and can be up and running within five minutes if a server with PHP and MySQL is already available. There are possibilities to further extend the functionality of WordPress with plugins and the look with themes to adjust. The changelog for version 5.7.1 looks like this:

Security updates

Two security issues affect WordPress versions between 4.7 and 5.7. If you haven’t yet updated to 5.7, all WordPress versions since 4.7 have also been updated to fix the following security issues:

• thank you SonarSource for reporting an XXE vulnerability within the media library affecting PHP 8
• thanks Mikael Korpela for reporting a data exposure vulnerability within the latest posts block and REST API

Maintenance updates

WordPress 5.7.1 also fixes 26 regressions introduced in version 5.7:

Fixed Core tickets from Trac:

• #52787 – Empty array for non-single post meta breaks post save through REST API
• #52822 – PHPMailer change in WordPress 5.7 breaks working sites
• #52670 – Admin pointer arrow border color darker than pointer content
• #52713 – Reverse logic in wp_robots function and filter
• #52743 – Hardcoded SVG image URLs on WP 5.7 About screen
• #52750 – WP 5.7 colors inconsistent in get_option( ‘admin_color’ ) since color contrast changes
• #52751 – UI issue on Privacy Policy Guide page
• #52756 – Duplicate video URLs on WP 5.7 About screen
• #52758 – 5.7 About Page: Image comparison doesn’t work on first load on some browsers
• #52760 – Color not accessibility for AA
• #52764 – Classic editor adding empty tags in some media embed situations
• #52768 – WordPress post URL oEmbed rendering blocked by iframe lazy-loading
• #52783 – Health Check mis-reports https functionality in certain situations
• #52789 – Gallery layout block adds all media items when changing an image
• #52816 – Post metabox style Twenty Seventeen has a border
• #52826 – New wp_getimagesize() causing unexpected failures
• #52834 – Reset password screen: improve buttons layout for better i18n
• #52891 – Privacy: print screen reader text message
• #52894 – The wp_sanitize_script_attributes function added in version 5.7 does not escape attributes in some cases
• #52932 – Rest Api enum validation does not work correctly WordPress 5.7
• #52961 – Add ‘object-position’ as an allowed CSS attribute
• #52981 – Twenty Twenty-One: Update IE specific editor stylesheet

Fixed Block editor issues from GitHub:

• PR30218 – Core Data: Use getAuthors for showCombobox
• PR30524 – Editor: Revert (#27717) save editors value on change
• PR30122 – Gallery: Set addToGallery prop to false when images don’t have IDs
• PR29809 – Revert: Show empty paragraphs on fronted
• PR29860 – Try: Fix gallery item clicking
• PR29920 – Fix sibling block inserter displaying at end of block list
• PR30125 – Block Editor: Ensure that uncategorized block types are properly handled
• PR30243 – Add object-position to allowed inline style attributes list