What’s in the WordPress 5.4.1 update? 7 vulnerability fixes
Last updated:
On April 29, 2020, WordPress 5.4.1, which fixes the vulnerability, released. Seven security fixes included. Here are the updates.
Release Date
WordPress 5.4.1 releases on April 29, 2020. Due to the security release, please update as soon as possible.
WordPress 5.4 releases on March 31, 2020, so it’s a minor update about a month later.
The following is a list of new features and changes for WordPress 5.4.
What’s new in WordPress 5.4? New features and changes
Updated Content
Updating to WordPress 5.4.1 will fix the following seven security issues.
- Password reset tokens are not invalidated
- It was possible that certain private posts could display without authentication.
- XSS vulnerability in the customizer
- XSS vulnerability in search blocking
- XSS vulnerability in the WordPress object cache
- XSS Vulnerability in File Uploads
- XSS issues in the block editor
Server Requirements
The requirements for running WordPress 5.4.1 include the following recommended.
- PHP 7.3 or higher
- MySQL 5.6 or higher or MariaDB 10.1 or higher
- Nginx or Apache
How to Download
WordPress 5.4.1 is available on the download page.
Please refer to the article below on how to download WordPress.
How to Download WordPress ( Download Site/Page )
How to Update
To update to WordPress 5.4.1, click the Update Now button on the dashboard update page.
If automatic updates are active, the update will start in the background.
What to do if the post page doesn’t show up after an update
After updating to WordPress 5.4.1, when accessing the Posts (single.php) with a specific permalink setting, the archive page (archive.php) will be displayed.
This happens when a blog service migrates a post with a URL as a date to WordPress.
Reason
Since WordPress 5.4.1, if you set only date and time (year/month/day/hour/minute/second) in the permalink setting, Posts will get archived.
This is the case when the following is set in the permalink settings.
/%year%/%monthnum%/%day%/%hour%%minute%%second%/
This is to fix the problem that if there are multiple posts published at the same date and time, the second and subsequent non-public posts can view them.
Solution
Downgrading to WordPress 5.4
Install WP Downgrade | Specific Core Version and downgrade to WordPress 5.4.
Change the permalink settings to redirect
- Change the end of the permalink setting to %post_id% or %postname% to make it a unique URL
- Change the slug of an existing article
- Install Redirection and set up 301 redirection
Related Post
Others have also seen this article.
WordPress Version List (Release Date/Code Name)
What’s New in WordPress 5.4.2? Fixed 6 security issues
What’s new in WordPress 5.5? New Features and Changes