WordPress 5.2.3 is a security release which addresses several cross-site scripting (XSS) vulnerabilities, a patch for jQuery to and includes 28 bug fixes.
As with any security release – it’s important that you update immediately.
What does it fix?
Issues fixed in the WordPress 5.2.3 Security Release:
The new Site Health feature is one of the best things to be added to WordPress for a long time.
It gives administrators:
updates recommendations – for both the server (PHP version and HTTPS) and WordPress
maintenance recommendations (e.g. remove inactive plugins and themes)
configuration and health checks (e.g. background update checks working)
a place to view, copy, and share important debug information
It can be accessed from the wp-admin in the Tools -> Site Health menu.
PHP fatal recovery (WSOD protection)
Previous to WordPress 5.2 – when WordPress experienced a fatal error it would stop working – showing what was known as the “white screen of death” (WSOD).
WordPress 5.2 changes how this happens – instead front end users will see an error message which reads
The site is experiencing technical difficulties.
and the site administrator will receive an email notifying of the error and include a special link to access the wp-admin in “recovery mode”. This allows the site administrator to safely fix or manage fatal errors without needing access to the server.
WordPress 5.2 includes the first part of the “update package signing” feature – which will ensure updates to WordPress, plugins and themes are downloaded correctly before they are installed.
This will be tested with the next WordPress 5.2.x release.
Future updates will include error detection and fallback mechanisms as well as making UI options will be added.
Gutenberg updates
WordPress 5.2 continues the development of the new “Gutenberg” editor – including performance and UX improvements.
No more TinyMCE in blocks
Block Management UI
Performance more than doubled in async mode
All widgets ported to blocks
A lot of improvements to existing blocks (cover block with inner blocks, focal point picker,…)
After three years of no changes to dashboard icons – 13 new icons have been added as well as 18 that were previously unavailable due to missing css declarations.
WordPress 5.2 will now use this information to determine if your site’s version of PHP is compatible.
If the plugin requires a higher version of PHP than your site currently uses, WordPress will not allow you to activate it, preventing potential compatibility errors.
Core widgets converted to blocks
All default widgets are now available in Gutenberg as blocks.
This paves the way for the Gutenberg interface to be used in other areas of WordPress – such as the widget editor.
How to install the update?
As a major release 5.2 will need to be installed manually.
You will need to install by logging into your WordPress administration console and go to the Dashboard -> Updates page.
As always, backing up the site before installing updates is highly recommended.