WordPress 4.9.5 was released from wordpress.org yesterday.

The WordPress 4.9.5 is a security and maintenance release and it is a recommended update for all versions since WordPress 3.7.

According to wordpress.org WordPress versions 4.9.4 and earlier are all affected by three security issues.

So three security fixes have been implemented in WordPress 4.9.5:

  1. Don’t treat localhost as same host by default.
  2. Use safe redirects when redirecting the login page if SSL is forced.
  3. Make sure the version string is correctly escaped for use in generator tags.

There are 25 other bugsfixes in WordPress 4.9.5

Some noteworthy fixes are:

You can go to┬áMake WordPress Core’s changelog for the 4.9.5 here.