WordPress 4.9.5 is released. This is a security and maintenance release for all version since WordPress 3.7. Wordpress emphatically urge all to update your site immediately.
WordPress version 4.9.4 and prior are influenced by three security issues. As part of the core group's continuous sense of duty regarding security hardening, the accompanying fixes have been implemented in 4.9.5:
1. Don’t treat localhost as same host by default.
2. Utilize safe redirects while redirecting the login page if SSL is forced.
3. Ensure the version string is effectively gotten away for use in generator tags.
Much obliged to you to the reporters of these issues for practicing coordinated security disclosure: xknown of the WordPress Security Team.
Twenty-five different bugs were settled in WordPress 4.9.5. Especially of note were:
1. The past styles on caption shortcodes have been restored.
2. Cropping on touch screen gadgets is presently supported.
3. An assortment of strings, for example, error messages have been updated for better clarity.
4. The position of an attachment placeholder amid uploads has been settled.
6. Enhanced compatibility with PHP 7.2.