WordPress published a troubled security release version 6.9.2 to patch ten vulnerabilities that also caused some sites to crash (display a white screen), so WordPress quickly followed up with a bugfix release version 6.9.3. Today, WordPress announced another update, version 6.9.4 because not all of the vulnerabilities were adequately addressed.
WordPress security firm Wordfence published details of four of the vulnerabilities, which were rated as medium severity, while WordPress.org published the full list of ten, including one that’s due to an external PHP library.
WordPress published the following advisory about why they needed to release an additional update:
“WordPress 6.9.2 and WordPress 6.9.3 were released yesterday, addressing 10 security issues and a bug that affected template file loading on a limited number of sites.
The WordPress Security Team has discovered that not all of the security fixes were fully applied, therefore 6.9.4 has been released containing the necessary additional fixes.
Because this is a security release, it is recommended that you update your sites immediately.”
Timeline Of WordPress Sites Crashing
Some WordPress users reported that the security update caused their sites to crash. Some on Reddit speculated that there was something wrong with the WordPress security patch, inferring that it was related to vibe coding. A discussion in the official WordPress forums describing issues with site functionality also started soon after the security patch was released.
The first post described their issue:
“A few minutes ago I got an update from Dreamhost that my website had automatically updated to WP 6.9.2. Now any page I try to load is coming up blank. I can still log into the back end, the pages are still there for editing, content is present, but when I go to the home page or any other page, nothing is displaying (view source is also empty.)
WordPress 6.9.2 with Crio theme, up to date.”
Others followed, describing similar problems, and a few posts later, one of the core developers responded to say that the issue is directly related to something in certain themes and suggested verifying that by switching to another theme. Seven hours after the initial post, the person who started the thread posted again to note that WordPress had issued a bugfix, version 6.9.3, to address the issues introduced by version 6.9.2, which were due to how certain themes were coded and not the security release itself.
Official Response From WordPress
The problem with sites crashing appears to relate to a non-standard way that certain themes load template files. Those themes were using an unsupported way of loading templates, which then led to a conflict with the patch. WordPress engineers quickly issued an additional patch to address those issues, even though the problem was on the theme side, not WordPress.
According to WordPress’s notes for the bugfix in version 6.9.3:
“This release features a bugfix for some themes that use…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
