Howdy, Jetpack Community!
We’ve just released v2.3.1 to the plugins repository. This is both a security release, and fixes a number of minor bugs that we’ve found in the past few weeks.
The security aspect related to a missing capability check that permitted a non-intuitive, but feasible method for authenticated users to activate modules, but not to view or change any configurations. We added in the proper checks to ensure that this never happens in the future, and are currently looking at retooling the administrative UI for the next release.
Other changes include:
- Comments: We added in some additional classes to the comment form markup to mirror the upcoming changes in core.
- Debug: We improved the test results output by making the error messages clearer and more succinct.
- Likes: We fixed a static warning, and added some styling if you’ve got MP6 enabled.
- Omnisearch: We fixed a couple strict warnings from newer versions of PHP, delayed the inclusion and declaration of providers until admin_init, and made it easier to search custom post types.
- Sharing: We applied a couple of layout patches including: updating the Pinterest element width when necessary, adjusting length to better fit tweets, and migrating the LinkedIn button to their official sharing link.
- Social Links: We refactored the class for a more consistent codebase.
- Twitter Timeline Widget: We started applying some better data validation for the widget dimensions.
- We added a
MINUTE_IN_SECONDSand related constants for backward compatability with WordPress 3.4
As always, please let us know if you have any issues cropping up, so that we can quickly deal with them!
Explore the benefits of Jetpack
Learn how Jetpack can help you protect, speed up, and grow your WordPress site.
Get up to 20% off your first year.Compare plans