WooCommerce 3.6.5 Security Update

·

·

WooCommerce 3.6.5 was released on July 2 as a security release. This update improves the security of WooCommerce by introducing new functions in the importer.

Security improvements

  • Introduce file type check for tax rate importer.
  • Added nonce check to CSV importer actions.

Fixes

  • WordPress & PHP upgrade nudges when running older versions.
  • «Filter by price» widget excludes category when combined with a product attribute.
  • Add query parameter (GET) forwarding when processing batch API requests.
  • Fixed query of top rated products shortcode.
  • Typo in customers endpoint schema.
  • Update Emogrifier library to fix problem with nth-child pseudo selector.
  • Avoid outputting a rating of zero when product has comments without a review rating.
  • Do not throw a PHP notice if including the rest API handlers manually.
  • WooCommerce Tracker review count.
  • Coupon usage limit issue when applying coupon to order in the backend.
  • Fatal error when trying to apply virtual coupons to guest orders.
  • AJAX update order review doesn’t reload the page.
  • Variation matching returns incorrect values when using a large number of variations combined with 0 values attributes.
  • Password mismatch when user registered with password containing a double quote.
  • Minor Shipping Zone UI issue due to conflict with some browser extensions.
  • Make Products->Categories active when clicked on «Make Default» link under any product category.
  • Update URL describing how to increase PHP memory limit on system status page.
  • Sets the position of the tracking image to fixed, so it doesn’t affect page layout.
  • Button to manually update database in WooCommerce > Status > Tools.
  • Tracks blog ID retrieval from Jetpack options.
  • Fixed support to parentheses in phone numbers validation.

Other changes

  • Improve tooltip text describing the product sale dates in the product admin page.
  • Made NL postcode validation more flexible, allowing lowercase and missing space.
  • Display city field as optional for Singapore addresses.
  • Add filters to file paths passed to the different xsendfile like backends.

Remember to create a backup before installing updates.

(Picture Courtesy of Yuri Samoilov)