A new security and maintenance WordPress-release features 12 bug fixes on Core, 5 bug fixes for the Block Editor, and 3 security fixes. This new version has version number 6.0.2.
Because this release contains security fixes, it is recommended that you update all your sites immediately. All versions since WordPress 3.7 have also been updated.
If you have sites that support automatic background updates, the update process will be done automatically.
You can download WordPress 6.0.2 from WordPress.org, or visit your WordPress Dashboard, click “Updates”, and then click “Update Now”.
Security updates included
The security issues has been discovered by the following people. Many thanks to:
- FVD for finding a possible SQL injection within the Link API.
- Khalilov Moe for finding an XSS vulnerability on the Plugins screen.
- John Blackbourn of the WordPress security team, for finding an output escaping issue within
the_meta()
.