• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

virusword.com

Learn Wordpress

  • Home
  • WordPress Shop
    • Fotopress
    • SEO Tool Kit
    • Social Contact
    • Tag Machine 2
    • Video Profits
  • Latest News
  • WordPress
    • Plugins
    • Themes
    • Tutorials
    • Videos
    • Woocommerce
  • About Us
  • Contact Us
    • Terms of Service
    • Privacy Policy
  • Show Search
Hide Search
Home/Latest News/WordPress 6.3.2 – Maintenance and Security release – WordPress News

WordPress 6.3.2 – Maintenance and Security release – WordPress News

This security and maintenance release features 19 bug fixes on Core, 22 bug fixes for the Block Editor, and 8 security fixes.

WordPress 6.3.2 is a short-cycle release. You can review a summary of the maintenance updates in this release by reading the Release Candidate announcement. Because this is a security release, it is recommended that you update your sites immediately. Backports are also available for other major WordPress releases, 4.1 and later.

The next major release will be version 6.4 planned for 7 November 2023.

If you have sites that support automatic background updates, the update process will begin automatically.

You can download WordPress 6.3.2 from WordPress.org, or visit your WordPress Dashboard, click “Updates”, and then click “Update Now”.

For more information on this release, please visit the HelpHub site.

Security updates included in this release

The security team would like to thank the following people for responsibly reporting vulnerabilities, and allowing them to be fixed in this release:

  • Marc Montpas of Automattic for finding a potential disclosure of user email addresses.
  • Marc Montpas of Automattic for finding an RCE POP Chains vulnerability.
  • Rafie Muhammad and Edouard L of Patchstack along with a WordPress commissioned third-party audit for each independently identifying a XSS issue in the post link navigation block.
  • Jb Audras of the WordPress Security Team and Rafie Muhammad of Patchstack for each independently discovering an issue where comments on private posts could be leaked to other users.
  • John Blackbourn (WordPress Security Team), James Golovich, J.D Grimes, Numan Turle, WhiteCyberSec for each independently identifying a way for logged-in users to execute any shortcode.
  • mascara7784 and a third-party security audit for identifying a XSS vulnerability in the application password screen.
  • Jorge Costa of the WordPress Core Team for identifying XSS vulnerability in the footnotes block.
  • s5s and raouf_maklouf for independently identifying a cache poisoning DoS vulnerability.

Thank you to these WordPress contributors

This release was led by Joe McGill, Aaron Jorbin and Jb Audras, with the help of David Baumwald on mission control.

WordPress 6.3.2 would not have been possible without the contributions of the following people. Their asynchronous coordination to deliver maintenance and security fixes into a stable release is a testament to the power and capability of the WordPress community.

Aaron Jorbin, Aki Hamano, Akihiro Harai, Alex Concha, Andrew Ozz, Andy Fragen, Anthony Burchell, Aurooba Ahmed, Ben Dwyer, Carolina Nymark, Colin Stewart, Corey Worrell, Damon Cook, David Biňovec, David E. Smith, Dean Sas, Dennis Snell, Dhruvi Shah, Dion Hulse, Ehtisham S., Felix Arntz, George Mamadashvili, Greg Ziółkowski, Huzaifa Al Mesbah, Isabel Brison, Jb Audras, Joe Hoyle, Joe McGill, John Blackbourn, John James Jacoby, Jonathan Desrosiers, Jonny Harris, Jorge Costa, Justin Tadlock, K. Adam White, Kim Coleman, LarryWEB, Liam Gladdy, Mehedi Hassan, Miguel Fonseca, Mukesh Panchal, Nicole Furlan, Paul Biron, Paul Kevan, Peter Wilson, Pooja N Muchandikar, Rajin Sharwar, Ryan McCue, Sal Ferrarello, Sergey Biryukov, Shail Mehta, Stephen Bernhardt, Teddy Patriarca, Timothy Jacobs, Weston Ruter, Zunaid Amin, ahardyjpl, beryldlg, floydwilde, jastos, martin.krcho, masteradhoc, petitphp, ramonopoly, vortfu, zieladam

How to contribute

To get involved in WordPress core development, head over to Trac, pick a ticket, and join the conversation in the #core and #6-4-release-leads channels. Need help? Check out the Core Contributor Handbook.

Already testing WordPress 6.4? The fourth beta is now available (zip) and it contains these security fixes. For more on 6.4, see the beta 3 announcement post.

Thanks to @jeffpaul, @chanthaboune, @peterwilsoncc and @rawrly for proofreading.

Like this:

Like Loading…

Source link

Written by:
Abdul Wahid
Published on:
October 15, 2023

Categories: Latest News

Primary Sidebar

Wordpress

  • Content Management Systems (2)
  • Digital Marketing (4)
  • Internet Marketing (28)
  • Latest News (458)
  • Online Business (2)
  • Plugins (519)
  • Themes (521)
  • Videos (1,350)
  • Website Development (1)
  • Woocommerce (589)
  • WordPress (6)

Recent Articles

Unlock Your Internet Marketing Potential with WordPress: Tips, Tools, and Strategies

How to Use WordPress to Achieve Your Internet …

Continue Reading about Unlock Your Internet Marketing Potential with WordPress: Tips, Tools, and Strategies

Unlock Your Internet Marketing Potential: Harnessing the Power of WordPress

How to Use WordPress to Achieve Your Internet …

Continue Reading about Unlock Your Internet Marketing Potential: Harnessing the Power of WordPress

Search our site

Explore more

Get our Wordpress Guide Get Plugins Get Connected

Footer

VirusWord by Promaps, Inc.

Barnes Place
Colombo 7, Western 00700

Copyright © 2025 · Promaps, Inc.

Keep In Touch

  • Email
  • Facebook
  • Instagram
  • Pinterest
  • Twitter