Version 5.8.1

On September 8, 2021, WordPress 5.8.1 was released to the public.

Installation/Update Information

To get this version, update automatically from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.

For step-by-step instructions on installing and updating WordPress:

If you are new to WordPress, we recommend that you begin with the following:

Summary

Security updates

3 security issues affects WordPress versions between 5.4 and 5.8. If you haven’t yet updated to 5.8, all WordPress versions since 5.4 have also been updated to fix the following security issues:

  • Props @mdawaffe, member of the WordPress Security Team for their work fixing a data exposure vulnerability within the REST API.
  • Props to Michał Bentkowski of Securitum for reporting a XSS vulnerability in the block editor.
  • The Lodash library has been updated to version 4.17.21 in each branch to incorporate upstream security fixes.

In addition to these issues, the security team would like to thank the following people for reporting vulnerabilities during the WordPress 5.8 beta testing period, allowing them to be fixed prior to release:

  • Props Evan Ricafort for reporting a XSS vulnerability in the block editor discovered during the 5.8 release’s beta period.
  • Props Steve Henty for reporting a privilege escalation issue in the block editor.

Thank you to all of the reporters for privately disclosing the vulnerabilities. This gave the security team time to fix the vulnerabilities before WordPress sites could be attacked.

Maintenance updates

WordPress 5.8.1 Release Candidate 1 features 41 bug fixes on Core, as well as 20 bug fixes for the Block Editor.

The following core tickets from Trac are fixed:

  • #52818 – Ordering metaboxes broken in WP 5.7
  • #53556 – Add a new template-editing tag to the Theme API
  • #53562 – Widgets Editor in Customizer doesn’t load with E2E tests + 0ms Animations
  • #53609 – Responsive widget block embeds not showing in the customizer
  • #53616 – Registered block styles should only be rendered when the block exists on a page
  • #53641 – Can not configure image widget (and others) in widget accessability mode
  • #53654 – Menus: Hide bulk-select options when no menus exist
  • #53667 – Support wp_editor_set_quality for both loaded and saved mime_types
  • #53668 – Generated images for one file can be overwritten by another with the same name when mapping mime types for generated images
  • #53679 – The media library looks broken on mobile
  • #53680 – Correct inline documentation about IMAGETYPE_WEBP and IMG_WEBP
  • #53696 – wp_add_iframed_editor_assets_html() not checking for block editor
  • #53697 – Possible Regression – Border settings not displaying for Button Block
  • #53702 – Four css files removed between 5.7.x and 5.8 were not included in $_old_files
  • #53713 – Bounce underscore.js version in script-loader
  • #53714 – Bounce jquery.form.js version in script-loader
  • #53715 – Bounce hoverIntent.js version in script-loader
  • #53716 – The “/” missing at the end of image tag
  • #53719 – grunt clean:css does not clean the css/dist folder
  • #53738 – Broken loop in WP_Theme_JSON_Resolver
  • #53752 – Twenty Ten: Block patterns file causes error in child themes
  • #53757 – Widget editor calls get_block_categories() with incorrect arg type
  • #53769 – Bundled themes: block-patterns.php file should use get_template_directory_uri instead of get_stylesheet_directory_uri
  • #53773 – /wp-admin/includes/ajax-actions.php file line 3006 is creating divide by zero error
  • #53777 – Bump bundled theme versions for
  • #53799 – Remove version-controlled files check from Test Old Branches workflow
  • #53803 – Customizer: Radio button on background image position selector visible on focus
  • #53820 – Build doesn’t support Docker Compose V2
  • #53827 – Increase number of media items displayed when clicking button to “Load More”
  • #53830 – Default filters try to create nonce during installation before options table exists
  • #53833 – ‘Replace image’ Media Modal is missing select fields under filter media due to css issues
  • #53877 – Menus: Selected display locations for new menus aren’t saved
  • #53898 – Duplicated 404 templates in the TemplatePanel
  • #53922 – Docblock in get_block_editor_settings function
  • #53932 – Media grid view doesn’t show all media elements
  • #53936 – Output of serialize_block_attributes does not match equivalent Gutenberg function
  • #53955 – Fix and improve the docs for the image_editor_output_format filter
  • #54030 – Pressing esc in Widgets Editor closes panel in customizer
  • #54036 – PclZip throwing errors on PHP 8 – previously merged patch is incomplete
  • #54052 – Block editor package updates for 5.8.1

For more information, browse the full list of changes on Trac.

Fixed Block editor issues from GitHub:

  • PR33384 – Fix API docs for data reference guides
  • PR33381 – Docs: use markdown headings instead of links for API declarations
  • PR33498 – Docs: Run Prettier after updating API in documentation
  • PR33549 – Use tabs instead of spaces in block transform doc example
  • PR30617 – Fix metabox reordering
  • PR32083 – Block editor: move layout styles to document head (instead of rendering inline)
  • PR33814 – Widgets: Allow HTML tags in description
  • PR33457 – Editor: Set ‘hide_empty’ for the most used terms query
  • PR33482 – Update widget editor help links to point to the new support article
  • PR33621 – Fixed that the block is selected instead of the title when using the select all shortcut.
  • PR33699 – Writing flow: select all: remove early return for post title
  • PR33618 – Call onChangeSectionExpanded conditionally
  • PR33679 – FontSizePicker: Use number values when the initial value is a number
  • PR33739 – Fix justification for button block when selected
  • PR33771 – Add error boundaries to widget screens
  • PR33802 – Fix insertion point in Widgets editors
  • PR34280 – Default batch processor: Respect the batch endpoint’s maxItems
  • PR34314 – Fix button block focus trap after a URL has been added
  • PR34076 – Text for dropdown fields within legacy widgets in the Customizer is off centered
  • PR32935 – Add a SearchControl component and reuse accross the UI(class change in tests)

Thanks and props!

The 5.8.1 release was led by Jonathan Desrosiers and Evan Mullins.

In addition to the security researchers and release squad members mentioned above, thank you to everyone who helped make WordPress 5.8.1 happen:

2linctoolsAdam ZielinskiAlain SchlesserAlex LendealexstineAlGalaAndréAndrei DraganescuAndrew OzzAnkit PanchalAnthony BurchellAnton VlasenkoAri StathopoulosBruno RibaricCarolina NymarkDaisy OlsenDaniel RichardsDariaDavid AndersonDavid BiňovecDavid HerreraDominik SchillingElla van DurpeEnchiridionEvan MullinsGary JonesGeorge MamadashviliGreg ZiółkowskiHéctor PrietoianmjonesJb AudrasJeff BowenJoe DolsonJoen A.John BlackbournJonathan DesrosiersJuanMa GarridoJuliette Reinders FolmerKai HaoKapil PaulKerry LiuKevin FodnessMarcus KazmierczakMark-kMattMichael Adams (mdawaffe)Mike Schrodermoch11Mukesh PanchalNik TsekourasPaal Joachim RomdahlPascal BirchlerPaul BearnePaul BironPeter WilsonPetter Walbø JohnsgårdRadixwebRahul MehtaramonopolyravipatelRiad BenguellaRobert AndersonRodrigo AriasSanket ChodavadiyaSergey BiryukovStephen BernhardtStephen EdgarSteve HentyterralingTimothy JacobstmatsuurTobiasBgTonya MorkToro_Unit (Hiroshi Urabe)Vlad Twb1234, and WFMattR.

List of Files Revised

license.txt
wp-admin/about.php
wp-admin/customize.php
wp-admin/edit-form-blocks.php
wp-admin/includes/ajax-actions.php
wp-admin/includes/class-custom-background.php
wp-admin/includes/class-pclzip.php
wp-admin/includes/theme.php
wp-admin/includes/update-core.php
wp-admin/js/customize-controls.js
wp-admin/js/customize-controls.min.js
wp-admin/js/editor-expand.js
wp-admin/js/editor-expand.min.js
wp-admin/js/editor.js
wp-admin/js/editor.min.js
wp-admin/js/widgets/custom-html-widgets.js
wp-admin/js/widgets/custom-html-widgets.min.js
wp-admin/js/widgets/media-widgets.js
wp-admin/js/widgets/media-widgets.min.js
wp-admin/nav-menus.php
wp-admin/widgets-form-blocks.php
wp-includes/assets/script-loader-packages.php
wp-includes/block-editor.php
wp-includes/blocks.php
wp-includes/class-wp-customize-widgets.php
wp-includes/class-wp-editor.php
wp-includes/class-wp-image-editor.php
wp-includes/class-wp-theme-json-resolver.php
wp-includes/class-wp-theme-json.php
wp-includes/compat.php
wp-includes/css/dist/block-editor/style-rtl.css
wp-includes/css/dist/block-editor/style-rtl.min.css
wp-includes/css/dist/block-editor/style.css
wp-includes/css/dist/block-editor/style.min.css
wp-includes/css/dist/edit-widgets/style-rtl.css
wp-includes/css/dist/edit-widgets/style-rtl.min.css
wp-includes/css/dist/edit-widgets/style.css
wp-includes/css/dist/edit-widgets/style.min.css
wp-includes/css/dist/widgets/style-rtl.css
wp-includes/css/dist/widgets/style-rtl.min.css
wp-includes/css/dist/widgets/style.css
wp-includes/css/dist/widgets/style.min.css
wp-includes/css/media-views-rtl.css
wp-includes/css/media-views-rtl.min.css
wp-includes/css/media-views.css
wp-includes/css/media-views.min.css
wp-includes/customize/class-wp-customize-background-position-control.php
wp-includes/functions.php
wp-includes/general-template.php
wp-includes/images/crystal/license.txt
wp-includes/js/dist/block-editor.js
wp-includes/js/dist/block-editor.min.js
wp-includes/js/dist/block-library.js
wp-includes/js/dist/block-library.min.js
wp-includes/js/dist/components.js
wp-includes/js/dist/components.min.js
wp-includes/js/dist/core-data.js
wp-includes/js/dist/core-data.min.js
wp-includes/js/dist/customize-widgets.js
wp-includes/js/dist/customize-widgets.min.js
wp-includes/js/dist/data.js
wp-includes/js/dist/edit-post.js
wp-includes/js/dist/edit-post.min.js
wp-includes/js/dist/edit-widgets.js
wp-includes/js/dist/edit-widgets.min.js
wp-includes/js/dist/editor.js
wp-includes/js/dist/editor.min.js
wp-includes/js/media-models.js
wp-includes/js/media-models.min.js
wp-includes/js/quicktags.js
wp-includes/js/quicktags.min.js
wp-includes/js/tinymce/plugins/wordpress/plugin.js
wp-includes/js/tinymce/plugins/wordpress/plugin.min.js
wp-includes/js/tinymce/wp-tinymce.js
wp-includes/script-loader.php
wp-includes/theme.json
wp-includes/version.php

First published

Last updated