WordPress 5.8.1 is now available for download. This release contains 60 bug fixes and patches three security vulnerabilities and because of those patches, it is recommended that you update your site or sites as soon as possible. These security fixes have also been backported to WordPress 5.4. Unless you have turned automatic updates off, most sites will update automatically.
The three security issues addressed were a Cross-Site Scripting vulnerability in the block editor, a data exposure vulnerability in the REST API, and security fixes implemented from updating to Lodash library 4.17.21. @mdawaffe is credited with reporting the data exposure vulnerability while Michał Bentkowski of Securitum reported the XSS vulnerability.
Notable Bug Fixes
#53769 – Bundled themes: block-patterns.php file should use
get_template_directory_uri instead of
When WordPress 5.8 was released, folks noticed that the block-patterns.php file in the Twenty Ten, Twenty Eleven, and Twenty Twelve themes was calling for the stylesheet directory instead of the template directory uri causing issues with child themes. That is now fixed.
#53827 – Increase number of media items displayed when clicking button to “Load More”
One of the items of feedback that was commonly reported after the release of WordPress 5.8 is that the number of items displayed in the Media Library was too low requiring users to click the ‘Load More’ button. If you wanted to view a number of items, you’d end up having to click this button often. This is partially why some users wanted the infinite scroll method to come back. A middle ground has been achieved by increasing the number of items that are displayed from 40 to 80.