WordPress 5.8.1 Released, Squashes 60 Bugs and Patches Three Security Vulnerabilities

WordPress 5.8.1 is now available for download. This release contains 60 bug fixes and patches three security vulnerabilities and because of those patches, it is recommended that you update your site or sites as soon as possible. These security fixes have also been backported to WordPress 5.4. Unless you have turned automatic updates off, most sites will update automatically.

The three security issues addressed were a Cross-Site Scripting vulnerability in the block editor, a data exposure vulnerability in the REST API, and security fixes implemented from updating to Lodash library 4.17.21. @mdawaffe is credited with reporting the data exposure vulnerability while Michał Bentkowski of Securitum reported the XSS vulnerability.

The release post also mentions Evan Ricafort and Steve Henty for responsibly reporting vulnerabilities during the WordPress 5.8 beta testing period so they could be fixed prior to release.

Notable Bug Fixes

#53769 – Bundled themes: block-patterns.php file should use get_template_directory_uri instead of get_stylesheet_directory_uri

When WordPress 5.8 was released, folks noticed that the block-patterns.php file in the Twenty Ten, Twenty Eleven, and Twenty Twelve themes was calling for the stylesheet directory instead of the template directory uri causing issues with child themes. That is now fixed.

#53827 – Increase number of media items displayed when clicking button to “Load More”

One of the items of feedback that was commonly reported after the release of WordPress 5.8 is that the number of items displayed in the Media Library was too low requiring users to click the ‘Load More’ button. If you wanted to view a number of items, you’d end up having to click this button often. This is partially why some users wanted the infinite scroll method to come back. A middle ground has been achieved by increasing the number of items that are displayed from 40 to 80.

WordPress 5.8.1 was led by Jonathan Desrosiers and Evan Mullins and contains the work of a number of contributors.

Leave a Comment