Categories: WordPress News

WordPress 6.8.3 Release

WordPress 6.8.3 is now available!

This is a security release that features two fixes.

Because this is a security release, it is recommended that you update your sites immediately.

You can download WordPress 6.8.3 from WordPress.org, or visit your WordPress Dashboard, click “Updates”, and then click “Update Now”. If you have sites that support automatic background updates, the update process will begin automatically.

The next major release will be version 6.9, which is planned for December 2nd, 2025.
For more information on WordPress 6.8.3, please visit the version page on the HelpHub site.

Security updates included in this release

The security team would like to thank the following people for responsibly reporting vulnerabilities, and allowing them to be fixed in this release:

  • A data exposure issue where authenticated users could access some restricted content. Independently reported by Mike Nelson, Abu Hurayra, Timothy Jacobs, and Peter Wilson.
  • A cross-site scripting (XSS) vulnerability requiring an authenticated user role that affects the nav menus. Reported by Phill Savage.

As a courtesy, these fixes have also been made available to all branches eligible to receive security fixes (currently through 4.7). As a reminder, only the most recent version of WordPress is actively supported.

Thank you to these WordPress contributors

This release was led by John Blackbourn.

In addition to the security researchers and release squad members mentioned above, WordPress 6.8.3 would not have been possible without the contributions of the following people:

Aaron Jorbin, Abu Hurayra, Adam Zieliński, Alex Concha, Andrei Draganescu, David Baumwald, Ehtisham Siddiqui, Ian Dunn, Jake Spurlock, Jb Audras, Joe Hoyle, John Blackbourn, Jon Surrell, Jonathan Desrosiers, Michael Nelson, Peter Wilson, Phill, Robert Anderson, Ryan McCue, Scott Reilly, Timothy Jacobs, vortfu, Weston Ruter

How to contribute

To get involved in WordPress core development, head over to Trac, pick a ticket, and join the conversation in the #core Slack channel. Need help? Check out the Core Contributor Handbook.

Props to Ehtisham Siddiqui, John Blackbourn, Paul Kevan, Jonathan Desrosiers, Aaron Jorbin, Weston Ruter for reviewing.

A WordPress Commenter

Leave a Comment
Share
Published by
A WordPress Commenter
6 months ago

Recent Posts

From AI to Open Source at WordCamp Asia 2026

April 9-11, 2026 | Jio World Convention Centre, Mumbai, India WordCamp Asia 2026 brings the…

23 hours ago

WordPress 7.0 Release Candidate 2

The second Release Candidate (“RC2”) for WordPress 7.0 is ready for download and testing! This…

1 week ago

WP Packages is Working the Way Open Source Should

When WP Engine acquired WPackagist on March 12, the WordPress developer community faced a familiar…

1 week ago

WordPress 7.0 Release Candidate 1

The first Release Candidate (“RC1”) for WordPress 7.0 is ready for download and testing! This…

1 week ago

WordPress 7.0 Beta 5

WordPress 7.0 Beta 5 is ready for download and testing! This version of the WordPress…

3 weeks ago

WordPress 6.9.4 Release

WordPress 6.9.4 is now available! WordPress 6.9.2 and WordPress 6.9.3 were released yesterday, addressing 10…

3 weeks ago