WordPress 6.8.3 Release

<div>&NewLine;<p><strong>WordPress 6&period;8&period;3 is now available&excl;<&sol;strong><&sol;p>&NewLine;<p>This is a security release that features two fixes&period;<&sol;p>&NewLine;<p>Because this is a security release&comma;<strong> it is recommended that you update your sites immediately<&sol;strong>&period;<&sol;p>&NewLine;<p>You can <a href&equals;"https&colon;&sol;&sol;wordpress&period;org&sol;wordpress-6&period;8&period;3&period;zip">download WordPress 6&period;8&period;3 from WordPress&period;org<&sol;a>&comma; or visit your WordPress Dashboard&comma; click &OpenCurlyDoubleQuote;Updates”&comma; and then click &OpenCurlyDoubleQuote;Update Now”&period; If you have sites that support automatic background updates&comma; the update process will begin automatically&period;<&sol;p>&NewLine;<p>The next major release will be <a href&equals;"https&colon;&sol;&sol;make&period;wordpress&period;org&sol;core&sol;6-9&sol;">version 6&period;9<&sol;a>&comma; which is planned for December 2nd&comma; 2025&period;<br &sol;>For more information on WordPress 6&period;8&period;3&comma; please visit the <a href&equals;"https&colon;&sol;&sol;wordpress&period;org&sol;documentation&sol;wordpress-version&sol;version-6-8-3&sol;">version page on the HelpHub site<&sol;a>&period;<&sol;p>&NewLine;<h2 class&equals;"wp-block-heading">Security updates included in this release<&sol;h2>&NewLine;<p>The security team would like to thank the following people for <a href&equals;"https&colon;&sol;&sol;hackerone&period;com&sol;wordpress&quest;type&equals;team">responsibly reporting vulnerabilities<&sol;a>&comma; and allowing them to be fixed in this release&colon;<&sol;p>&NewLine;<ul class&equals;"wp-block-list">&NewLine;<li>A data exposure issue where authenticated users could access some restricted content&period; Independently reported by <a href&equals;"https&colon;&sol;&sol;hackerone&period;com&sol;mnelson4">Mike Nelson<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;hackerone&period;com&sol;hurayraiit">Abu Hurayra<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;timothyblynjacobs&sol;">Timothy Jacobs<&sol;a>&comma; and <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;peterwilsoncc&sol;">Peter Wilson<&sol;a>&period;<&sol;li>&NewLine;<li>A cross-site scripting &lpar;XSS&rpar; vulnerability requiring an authenticated user role that affects the nav menus&period; Reported by <a href&equals;"https&colon;&sol;&sol;x&period;com&sol;Savphill">Phill Savage<&sol;a>&period;<&sol;li>&NewLine;<&sol;ul>&NewLine;<p>As a courtesy&comma; these fixes have also been made available to all branches eligible to receive security fixes &lpar;currently through 4&period;7&rpar;&period; As a reminder&comma; <strong>only the most recent version of WordPress is actively supported<&sol;strong>&period;<&sol;p>&NewLine;<h2 class&equals;"wp-block-heading">Thank you to these WordPress contributors<&sol;h2>&NewLine;<p>This release was led by <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;johnbillion&sol;">John Blackbourn<&sol;a>&period;<&sol;p>&NewLine;<p>In addition to the security researchers and release squad members mentioned above&comma; WordPress 6&period;8&period;3 would not have been possible without the contributions of the following people&colon;<&sol;p>&NewLine;<p><a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;jorbin">Aaron Jorbin<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;hurayraiit">Abu Hurayra<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;zieladam">Adam Zieli&nacute;ski<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;xknown">Alex Concha<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;andraganescu&percnt;20">Andrei Draganescu<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;davidbaumwald&sol;">David Baumwald<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;ehtis">Ehtisham Siddiqui<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;iandunn">Ian Dunn<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;whyisjake">Jake Spurlock<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;audrasjb">Jb Audras<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;joehoyle">Joe Hoyle<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;johnbillion">John Blackbourn<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;jonsurrell">Jon Surrell<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;desrosj">Jonathan Desrosiers<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;mnelson4">Michael Nelson<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;peterwilsoncc">Peter Wilson<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;phillsav">Phill<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;noisysocks">Robert Anderson<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;rmccue">Ryan McCue<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;coffee2code&sol;">Scott Reilly<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;timothyblynjacobs">Timothy Jacobs<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;vortfu">vortfu<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;westonruter">Weston Ruter<&sol;a><&sol;p>&NewLine;<h2 class&equals;"wp-block-heading">How to contribute<&sol;h2>&NewLine;<p>To get involved in WordPress core development&comma; head over to Trac&comma; <a href&equals;"https&colon;&sol;&sol;core&period;trac&period;wordpress&period;org&sol;report&sol;6">pick a ticket<&sol;a>&comma; and join the conversation in the <a href&equals;"https&colon;&sol;&sol;app&period;slack&period;com&sol;client&sol;T024MFP4J&sol;C02RQBWTW">&num;core<&sol;a> Slack channel&period; Need help&quest; Check out the <a href&equals;"https&colon;&sol;&sol;make&period;wordpress&period;org&sol;core&sol;handbook&sol;tutorials&sol;faq-for-new-contributors&sol;">Core Contributor Handbook<&sol;a>&period;<&sol;p>&NewLine;<p>Props to <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;ehtis&sol;">Ehtisham Siddiqui<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;johnbillion&sol;">John Blackbourn<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;paulkevan&sol;">Paul Kevan<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;desrosj&sol;">Jonathan Desrosiers<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;jorbin&sol;">Aaron Jorbin<&sol;a>&comma; <a href&equals;"https&colon;&sol;&sol;profiles&period;wordpress&period;org&sol;westonruter">Weston Ruter<&sol;a> for reviewing&period;<&sol;p>&NewLine;<&sol;div>&NewLine;