Earlier today, I received several email notifications that the WordPress 6.3.2 update has been released. Like any other maintenance and security release it is imperative and strongly recommended that everyone using or running a WordPress-powered site update immediately!
WordPress 6.3.2 Maintenance and Security release features 19 bug fixes on the WordPress Core, 22 bug fixes for the Block Editor, and 8 other security fixes.
SECURITY UPDATES INCLUDED IN WORDPRESS 6.3.2
- Fix for potential disclosure of user email addresses
- Fix for RCE POP Chains vulnerability
- Fix for XSS issue in the post link navigation block
- Fix for issue where comments on private posts could be leaked to other users
- Fix for logged-in users to execute any shortcode
- Fix for XSS vulnerability in the application password screen
- Fix for XSS vulnerability in the footnotes block
- Fix for cache poisoning DoS vulnerability
Kudos to the WordPress security team as well as all the individuals and parties who helped fix or reported the vulnerabilities.
For those of you who already have automatic background updates enabled on your WordPress-powered site, then you don’t have to worry or do anything as the update will be done automatically.
If you haven’t enabled automatic background updates or are not familiar with this feature, you can do so by logging in to your WordPress Dashboard > Updates and then clicking Update Now.
In my case, I was busy working on some projects so I wasn’t able to perform the update right away. Before I updated the WordPress version on my live site, I tested it out first on my staging site. Once I was able to confirm that the update went smoothly on my staging site, I went ahead and performed the update on my live site.
Have you guys updated your site/s to WordPress 6.3.2? Anyone else who hasn’t upgraded yet? Anyone experienced issues after upgrading to WordPress 6.3.2? Please share your thoughts by leaving a comment.
