Hot Posts


WordPress 6.2.2 has restored support for shortcodes in block templates and has fixed a security issue.

WordPress 6.2.2's restoration of shortcode support in block templates is a welcome enhancement for users who rely on this method for website customization. Additionally, the fix for a security issue further solidifies WordPress as a reliable platform for website development.

Early this morning, WordPress 6.2.2 was made available as a quick fix for 6.2.1, which included a problem that prevented block templates from supporting shortcodes. Although version 6.2.1 was a significant security upgrade as well, several customers were forced to downgrade to version 6.2 in order to maintain essential functionality on their websites because of the disastrous breakdown that occurred for those employing shortcodes in block templates.

Over the weekend, WordPress contributors put in a lot of effort to make sure that users could update to 6.2.2 and keep their shortcodes intact. The previous release's absence of shortcode functionality was noted as a regression and a bug in the release post. This is a significant acknowledgment since shortcodes are still commonly used by users to add functionality from plugins that aren't available as blocks and because they are essential to certain things that wouldn't function without inline shortcodes.

Additionally, version 6.2.2 is a security release since, according to core contributor Jonathan Desrosiers, the problem fixed in version 6.2.1 required additional hardening in this version.

Updates are rolling out automatically, and users are encouraged to upgrade right away. Many said that when 6.2.1 broke their websites, they disabled core's automatic background updates. Those who did so will have to upgrade manually right away.

6.2.1 merely eliminated two lines from the code that provided shortcode functionality—it did not introduce a bug.

6.2.2 takes a totally different approach to solving the issue by shifting and re-adding the shortcode functionality earlier in the procedure rather than hardening it any further.

Ticket 58366 at

Whoa, I made updates to my WordPress websites prior to the release of WPTavern. Usually, WPTavern informs me of updates. It's the first time ever.

In any case, I would like to thank Sarah for the piece. I express my gratitude to all those who contributed to 6.2.2.

Right now.Years ago, I disabled automatic upgrades for reasons such as 6.2.1.

WordPress CAN malfunction due to automated updates. No matter how many times a certain WordPress forum member declines, they never will. Consider Reddit.

You and I both agree. The problem is, having used WordPress since version 1.2, I can still recall the dark days. Due to a security flaw, almost every installation of 1.2 or 1.5 was compromised, including mine (fortunately, they were limited to a contributor level and weren't able to take down much of the system).

However, thanks to plugins, themes, and WordPress auto-update, the system is now far more secure, thus hacks are uncommon but not unheard of. I would thus advise against turning off the auto-functions, even if I can understand why some individuals would do so if they regularly check your website. If not, hackers will gain confidence once more.

I had WP for more than 15 years. I receive the WPTavern newsletter, which includes information about roughly 100 WordPress users and WordPress itself. It means I don't have to be concerned about updates being delayed. I also use Wordfence, which notifies me of updates. In addition, I log in daily at approximately nine in the morning.

I do install plugins and adjust settings, unlike most people. I possess two fa. My passwords are all changed once every six months or such. I don't utilize the admin. Symbols and a combination of capital and lowercase characters make up my password. Over 25 characters make up the password. My password manager is here. Every online account I have, including those for hosting and domain registration, has 2FA.

It's poorly coded plugins, not WordPress itself, that are the problem. There are so many abandoned plugins; I believe the oldest one I saw was from five or six years ago. That shouldn't be in the repository for any reason.

Heck, I updated to WordPress 6.2.2 even before the WPTavern post appeared because I am that proficient at updating.

I developed the habit years ago of creating a backup before clicking the update button, even for minor changes to WordPress, plugins, or themes. I purposefully delayed updating my Rough Pixels website to 6.1.1 due to the recent incident, but I ultimately decided to take a cautious approach. Just one day before the issue was discovered, I took this action. My site was strangely fine. It is currently on 6.2.2.

My version of 6.2.1 has the Sydney theme Elementor, wpforms, and wpsmtp. However, for some reason, anything that is recorded on the contact forms does not be sent to my email. This has been the case since version 6.2. The solution I discovered was just disabling wpsmtp or any other smtp plugin.

I regret for any mistake, but WordPress 5.8 is the most recent version as of the September 2021 cutoff, to the best of my knowledge. I can provide you some general information, though, regarding security updates and support for WordPress shortcodes.

WordPress 5.8 introduced block templates, which allow you to construct pre-made block layouts for particular areas of your website. By using these templates, you can guarantee uniformity throughout your website and expedite the process of creating new material.

Post a Comment