WordPress 5.4.2 Security and Maintenance Release
This security and maintenance release features 22 fixes and enhancements. Plus, it adds a number of security fixes.
These bugs affect WordPress versions 5.4.1 and earlier; version 5.4.2 fixes them, so you’ll want to upgrade.
If you haven’t yet updated to 5.4, there are also updated versions of 5.3 and earlier that fix the bugs for you.
WordPress versions 5.4 and earlier are affected by the following bugs, which are fixed in version 5.4.2. If you haven’t yet updated to 5.4, there are also updated versions of 5.3 and earlier that fix the security issues.
- Props to Ben Bidner of the WordPress Security Team for finding an open redirect issue in wp_validate_redirect().
- Props to Nrimo Ing Pandum for finding an authenticated XSS issue via theme uploads.
- Props to Simon Scannell of RIPS Technologies for finding an issue where set-screen-option can be misused by plugins leading to privilege escalation.
- Props to Carolina Nymark for discovering an issue where comments from password-protected posts and pages could be displayed under certain conditions.
Thank you to all of the reporters for privately disclosing the vulnerabilities. This gave the security team time to fix the vulnerabilities before WordPress sites could be attacked.
Welcome to WordPress 5.4
Every major release adds more to the block editor.
More ways to make posts and pages come alive with your best images. More ways to bring your visitors in, and keep them engaged, with the richness of embedded media from the web’s top services.
More ways to make your vision real, and put blocks in the perfect place—even if a particular kind of block is new to you. More efficient processes.
And more speed everywhere, so as you build sections or galleries, or just type in a line of prose, you can feel how much faster your work flows.
Two new blocks. And better blocks overall.
- Two brand-new blocks: Social Icons and Buttons make adding interactive features fast and easy.
- New ways with color: Gradients in the Buttons and Cover block, toolbar access to color options in Rich Text blocks, and for the first time, color options in the Group and Columns blocks.
- Guess a whole lot less! Version 5.4 streamlines the whole process for placing and replacing multimedia in every block. Now it works the same way in almost every block!
- And if you’ve ever thought your image in the Media+Text block should link to something else—perhaps a picture of a brochure should download that brochure as a document? Well, now it can.
Cleaner UI, clearer navigation—and easier tabbing!
- Clearer block navigation with block breadcrumbs. And easier selection once you get there.
- For when you need to navigate with the keyboard, better tabbing and focus. Plus, you can tab over to the sidebar of nearly any block.
- Speed! 14% faster loading of the editor, 51% faster time-to-type!
- Tips are gone. In their place, a Welcome Guide window you can bring up when you need it—and only when you need it—again and again.
- Know at a glance whether you’re in a block’s Edit or Navigation mode. Or, if you have restricted vision, your screen reader will tell you which mode you’re in.
Of course, if you want to work with the very latest tools and features, install the Gutenberg plugin. You’ll get to be the first to use new and exciting features in the block editor before anyone else has seen them!
Your fundamental right: privacy
5.4 helps with a variety of privacy issues around the world. So when users and stakeholders ask about regulatory compliance, or how your team handles user data, the answers should be a lot easier to get right.
Take a look:
- Now personal data exports include users session information and users location data from the community events widget. Plus, a table of contents!
- See progress as you process export and erasure requests through the privacy tools.
- Plus, little enhancements throughout give the privacy tools a little cleaner look. Your eyes will thank you!
Are you looking for Cheap WordPress 5.4.2 Hosting? Finding a high quality Cheap WordPress 5.4.2 Hosting provider is crucial for your web application. Your WordPress 5.4.2 application can only run smooth if it will be hosted on a server which can provide a higher up time & plenty of computing resources. There’re thousands of web hosting providers which offer asp.net hosting, but choosing Cheap WordPress 5.4.2 Hosting provider is a time consuming task. To make your buying decision easy we’ve concluded 3 Best yet Cheap WordPress 5.4.2 Hosting providers which are reliable and offer affordable WordPress 5.4.2 Hosting so that every one can afford it.
Cheap and Reliable WordPress 5.4.2 Hosting
|Host 1 Site||Host 1 Site||Host 5 Sites|
|1 GB Disk Space||1 GB Disk Space||1 GB Disk Space|
|10 GB Bandwidth||10 GB Bandwidth||20 GB Bandwidth|
|Dedicated Application Pool||Dedicated Application Pool||Dedicated Application Pool|
|Support UTF-8 Domains||Support UTF-8 Domains||Support UTF-8 Domains|
|30-Days Money Back||30-Days Money Back||30-Days Money Back|
|Latest ASP.NET||Latest ASP.NET||Latest ASP.NET|
|Plesk Control Panel||Plesk Control Panel||Plesk Control Panel|
|Windows 2008/2012||Windows 2008/2012||Windows 2008/2012|
|SQL Server 2008/2012/2014||SQL Server 2008/2012/2014||SQL Server 2008/2012/2014|
|Latest MySql version||Latest MySql version||Latest MySql version|
How to Choose Cheap and Reliable WordPress 5.4.2 Hosting?
Reliability and Speed of Access
Not only should the web host be reliable and fast, it should guarantee its uptime (the time when it is functional). Look for a minimum uptime of 99%. In fact, even 99% is actually too low — it really should be 99.5% or higher. The host should provide some sort of refund (eg prorated refund or discount) if it falls below that figure. Note though that guarantees are often hard to enforce from your end — especially if the host denies there was any downtime. However, without that guarantee, the web host will have little incentive to ensure that its servers are running all the time.
Data Transfer (Traffic/Bandwidth)
Data transfer (sometimes loosely referred to as “traffic” or “bandwidth”) is the amount of bytes transferred from your site to visitors when they browse your site.
Don’t believe any commercial web host that advertises “unlimited bandwidth”. The host has to pay for the bandwidth, and if you consume a lot of it, they will not silently bear your costs. Many high bandwidth websites have found this out the hard way when they suddenly receive an exorbitant bill for having “exceeded” the “unlimited bandwidth”. Always look for details on how much traffic the package allows. I personally always stay clear of any host that advertises “unlimited transfer”, even if the exact amount is specified somewhere else (sometimes buried in their policy statements). Usually you will find that they redefine “unlimited” to be limited in some way.
In addition, while bandwidth provided is something you should always check, do not be unduly swayed by promises of incredibly huge amounts of bandwidth. Chances are that your website will never be able to use that amount because it will hit other limits, namely resource limits.
To give you a rough idea of the typical traffic requirements of a website, most new sites that don’t provide video or music on their site use less than 3 GB of bandwidth per month. Your traffic requirements will grow over time, as your site becomes more well-known, so you will need to also check their policy when you exceed your data transfer limit: is there a published charge per GB over the allowed bandwidth? Is the charge made according to actual usage or are you expected to pre-pay for a potential overage? It is better not to go for hosts that expect you to prepay for overages, since it is very hard to forsee when your site will exceed its bandwidth and by how much.
For the same reason as bandwidth, watch out also for those “unlimited disk space” schemes. Many new sites (that don’t host videos or music) need less than 20 MB of web space, so even if you are provided with a host that tempts you with 100 GB (or “unlimited space”), be aware that you are unlikely to use that space, so don’t let the 100 GB space be too big a factor in your consideration when comparing with other web hosts. The hosting company is also aware of that, which is why they feel free to offer you that as a means of enticing you to host there.
Does its technical support function 24 hours a day, 7 days a week (often abbreviated 24/7), all year around? Note that I will not accept a host which does not have staff working on weekends or public holidays. You will be surprised at how often things go wrong at the most inconvenient of times. Incidentally, just because a host advertises that it has 24/7 support does not necessarily mean that it really has that kind of support. Test them out by emailing at midnight and on Saturday nights, Sunday mornings, etc. Check out how long they take to respond. Besides speed of responses, check to see if they are technically competent. You wouldn’t want to sign up with a host that is run by a bunch of salesmen who only know how to sell and not fix problems.
Email, Autoresponders, POP3, Mail Forwarding
If you have your own site, you will probably want to have email addresses at your own domain, like [email protected], etc. Does the host allow you to set up whatever email addresses you want on your domain, so that mail can be forwarded to your current email address, or placed into a mail box on your web hosting account itself? Can you set an email address to automatically reply to the sender with a preset message (called an autoresponder)? Can you retrieve your mail with your email software?
This is called various names by different hosts, but essentially, they all allow you to manage different aspects of your web account yourself. Typically, and at the very minimum, it should allow you to do things like add, delete, and manage your email addresses, and change passwords for your account. I will not sign up with a host where I have to go through their technical support each time I want to change a password or add/delete an email account. Such tasks are common maintenance chores that every webmaster performs time and time again, and it would be a great hassle if you had to wait for their technical support to make the changes for you.
Web Server and Operating System
Is the type of operating system and server important?
In general, most people will want to sign up for a web host offering a Unix-based system (like Linux, FreeBSD or OpenBSD) and running the Apache web server. Most web-based software assume your website is running on such a system, and you will usually experience fewer compatibility issues with it. There are also a lot of guides available on the Internet on configuring such systems, so finding help when you need it is easier as well.
In my opinion, the only time when you will want to use a Windows server is if you’re running Windows-specific programs, like ASP scripts. But even then, you’ll probably be better off looking for a PHP-equivalent, and using a Unix-based system.
I was actually hesitant to list this, but I guess it’s futile not to. However, I would caution that while price is always a factor, you should realise (“realize” in US English) that you often get what you pay for, although it’s not necessarily true that the most expensive hosts are the best.
Monthly/Quarterly/Annual Payment Plans
Most web hosts allow you to select an annual payment plan that gives you a cheaper rate than if you were to pay monthly. My current personal preference is to pay monthly with all new web hosts until I’m assured of their reliability and honesty. Paying monthly allows me to switch web hosts quickly when I find that the current host does not meet my requirements: this way, I’m not tied down to a bad web host because I have prepaid for an entire year. I do this even if the new web host guarantees that they will refund the balance if I’m dissatisfied, since at the point I sign up, I have no assurance that they will honour their guarantee. Later (usually after a couple of years), when I’m satisfied with the host, I may change payment plans to the discounted annual plans.
Not all hosting companies own or lease their own web servers. Some of them are actually resellers for some other hosting company. The disadvantage of using a reseller is the possibility that you are dealing with people who don’t know much about the system they are selling and who take longer to help you (they have to transmit your technical support request to the actual hosting company for it to be acted upon). However, this also depends on both the reseller and the underlying hosting company. It is thus wise not to rule out all resellers; there are a number of reliable and fast ones who are actually quite good and cheap. In fact, a number of resellers sell the same packages cheaper than their original hosting company. If you find out that a particular company is a reseller, you will need to investigate both the reseller and the real hosting company.
If you don’t stay in the USA, you have the option of hosting your site with some local provider. The advantage here is the ease of dealing with them (they are after all easily accessible by phone call or a visit), your familiarity with the local laws and easy recourse to those laws should it be necessary. It should be your choice if your target audience is local (eg a local fast food delivery service). On the other hand, hosting it in USA has the advantage of faster access for what is probably the largest number of your overseas visitors (particularly if you have an English-speaking audience). You also have a large number of hosting companies to choose from, and as a result, cheaper prices too.