WordPress Releases 6.2.2 To Fix Version 6.2.1

WordPress Update

A recent security update in WordPress has caused a stir within the developer community, with several websites experiencing functionality issues. The removal of a crucial feature in the WordPress blocks system has rendered numerous plugins ineffective, resulting in frustration among developers.

WordPress Releases 6.2.2

WordPress swiftly responded to the concerns raised by developers and released version 6.2.2 to rectify the security patch introduced in the previous version. This update aimed to address a regression issue and patch a vulnerability that was present in version 6.2.1. Publishers who encountered difficulties due to the shortcodes bug in the prior update are advised to consider updating to the latest version for a smoother experience.

WordPress 6.2.1 Update

The WordPress 6.2.1 update was automatically applied to sites supporting automatic background updates as it was categorized as a Security Release. This update included five crucial security fixes. One of the key vulnerabilities resolved was the block themes parsing shortcodes in user-generated data, which had the potential to allow unauthenticated attackers to exploit vulnerabilities requiring Subscriber or Contributor-level permissions.

The root of the problem lies in the initial security fix, which impacted shortcodes in block themes and subsequently caused the disruptions experienced by various websites. Shortcodes are lines of code acting as placeholders for functionality, such as contact forms, within user-generated content.

The Impact and Workarounds

The vulnerability in the shortcode functionality led to its complete removal from WordPress block templates, thereby eliminating the possibility of exploitation. However, this solution resulted in some sites becoming non-functional, effectively breaking their intended functionality.

In an effort to restore shortcode support on templates, a workaround was created. However, this workaround reintroduced the vulnerability, leading to a precarious situation. While some users opted for the workaround temporarily, it was crucial to find a more permanent solution.

One prominent plugin affected by the update was Rank Math, where the breadcrumb functionality failed after the 6.2.1 update. Users sought a fix for this issue, and Rank Math support recommended implementing a workaround. Unfortunately, this workaround not only restored shortcode functionality but also reintroduced the vulnerability, presenting a significant concern.

The Smart Slider 3 plugin also experienced functionality blockage following the update. Users reported the loss of shortcode support, impacting their ability to display sliders in block templates. The Smart Slider 3 support team suggested the use of the workaround fix to restore functionality.

WordPress has promptly addressed the disruptions caused by the security update with the release of version 6.2.2. However, it is essential for publishers and developers to be aware of the implications and potential vulnerabilities associated with shortcodes in block themes.

While workarounds have been suggested, it is important to exercise caution, as they may reintroduce security risks. Engaging in discussions on support forums and staying updated with official WordPress announcements can provide valuable insights into resolving any issues caused by the recent update. By staying informed and taking appropriate measures, users can ensure the smooth functioning and security of their WordPress websites.

Conclusion

While the problem does look to have been resolved, it is still advisable to be cautious when updating your WordPress core to the latest versions. Our WordPress developers recommend backing up your files and database before any update and to create a clone of your WordPress website and testing the website’s updates there. Check thoroughly post update for any style or functionality issues on the frontend of your website – especially on pages where you may have used shortcodes.

Still have a problem? Our WordPress experts are here to help. If the latest WordPress updates broke your site, contact us now and we will have your website back online within the hour.

 

Get Started

Ready to get going? Click on one of the buttons below and tell us more about the web design, web development or website fix you need and we will be in touch with you within hours with some options to get your business moving in the right direction