Skip to content

2.14.0

Compare
Choose a tag to compare
@alanhartless alanhartless released this 25 Jul 18:22
· 6636 commits to staging since this release

Change Log

Security

  • Prevented updating custom fields that were not set as publicly updateable
  • Fixed theme's Author URL XSS vulnerability (Reported by @joanbono)
  • Fixed company name XSS vulnerability (Reported by @joanbono)

Features

Enhancements

Bugs

Dev Notes

A big thank you to the following community members for contributing to this release either by code or bug report: @alanhartless, @Dcoutelle, @dongilbert, @dreiser, @Enc3phale, @enguerr, @escopecz, @GaberNeighbor, @GabriGreese, @guillaumedufour, @hammad-tfg, @heathdutton, @isleshocky77, @johbuch, @jonasstinkens, @justinfortes, @kuzmany, @luizeof, @Maxell92, @maxlawton, @Mazzim, @mtahiue, @Noa83, @npracht, @panchtatvam, @r-martins, @rc125, @sarahwernik, @scottshipman, @snoek8, @stoneddesigner, @tadinski, @Woeler, @yrammos

SHA1 for 2.14.0.zip = 1a926d8d3752c85bc3cc2543625d8762e44ca206
SHA1 for 2.14.0-update.zip = faab69da1ad5303523450195838e0ef126104832