WordPress 4.9.6 Privacy And Maintenance Release

By Csaba, Miklós WP SERVICES 21 May 2018

WordPress 4.9.6 is now available. This is a privacy and maintenance release. We encourage you to update your sites to take advantage of the new privacy features.

Privacy

The European Union’s General Data Protection Regulation (GDPR) takes effect on May 25. The GDPR requires companies and site owners to be transparent about how they collect, use, and share personal data. It also gives individuals more access and choice when it comes to how their own personal data is collected, used, and shared.

It’s important to understand that while the GDPR is a European regulation, its requirements apply to all sites and online businesses that collect, store, and process personal data about EU residents no matter where the business is located.

You can learn more about the GDPR from the European Commission’s Data Protection page.

We’re committed to supporting site owners around the world in their work to comply with this important law. As part of that effort, we’ve added a number of new privacy features in this release.

ASK US ANYTHING WORDPRESS RELATED: We can offer you confidently, SEVERAL OPTIONS to choose which one suits your needs better.

WP Consulting

Comments

Logged-out commenters will be given a choice on whether their name, email address and website are saved in a cookie on their browser.

Privacy Policy Page

Site owners can now designate a privacy policy page. This page will be shown on your login and registration pages. You should manually add a link to your policy to every page on your website. If you have a footer menu, that’s a great place to include your privacy policy.

In addition, we’ve created a guide that includes insights from WordPress and participating plugins on how they handle personal data. These insights can be copied and pasted into your site’s privacy policy to help you get started.

If you maintain a plugin that collects data, we recommend including that information in WordPress’ privacy policy guide. Learn more in our Privacy section of the Plugin Handbook.

It’s time to see THE BIG PICTURE!

WP Consulting

Data Handling

Data Export

Site owners can export a ZIP file containing a user’s personal data, using data gathered by WordPress and participating plugins.

Data Erasure

Site owners can erase a user’s personal data, including data collected by participating plugins.

Howdy,

A request has been made to perform the following action on your account:

Export Personal Data

To confirm this, please click on the following link:
https://.wordpress.org/wp-login.php?action=confirmaction…

You can safely ignore and delete this email if you do not want to
take this action.

This email has been sent to you@example.com.

Regards,
Your friends at WordPress
https://wordpress.org

Site owners have a new email-based method that they can use to confirm personal data requests. This request confirmation tool works for both export and erasure requests, and for both registered users and commenters.

Protect your WordPress: BEFORE IT'S TOO LATE! You will also protect your customers, your reputation and your online business!

WP Security

Maintenance

95 updates were made in WordPress 4.9.6. In addition to the above, particularly of note were:

“Mine” has been added as a filter in the media library.
When viewing a plugin in the admin, it will now tell you the minimum PHP version required.
We’ve added new PHP polyfills for forwards-compatibility and proper variable validation.
TinyMCE was updated to the latest version (4.7.11).

Ticket	Summary	Type	Priority
#43873	Relocate 'Privacy / Export / Erasure' pages into more appropriate menus	enhancement	high
#43931	Use associative array instead of numeric for exporters and erasers	enhancement	high
#43952	Database error inserting cron job on fresh install	defect (bug)	high
#43954	Showing the privacy policy admin notice on all screens is intrusive	enhancement	high
#44055	Don't show notice to the privacy policy guide when user cannot view the guide	defect (bug)	high
#44057	It's not obvious what to do if menu bubble for policy update appears	defect (bug)	high
#44091	Rename exports folder to avoid deleting other files	defect (bug)	high
#42202	REST API: no equivalent for `who=authors` to display potential authors	enhancement	normal
#42919	Unable to upload files with the AAC extension	defect (bug)	normal
#43374	PHP 7.2 Warning: count(): Parameter must be an array or an object that implements Countable in /wp-includes/theme.php on line 356	defect (bug)	normal
#43375	Incorrect 'old_slug_redirect_post_id' filter docs	defect (bug)	normal
#43435	Add settings screen for creating a privacy policy	enhancement	normal
#43436	Add opt-in for commenter cookies	enhancement	normal
#43440	Add personal data from comments to personal data export	enhancement	normal
#43442	Add tools for anonymizing of commenters	enhancement	normal
#43443	Add a method for confirmation of requests for deleting or anonymizing of personal data	enhancement	normal
#43473	Add default text for a privacy policy	enhancement	normal
#43481	Add tabs and placeholders to privacy tools page in wp-admin	enhancement	normal
#43491	Automatically create a Privacy Policy page when installing WordPress	enhancement	normal
#43545	Helper functions: Anonymizing data in a standardized way	enhancement	normal
#43547	Add personal data from usermeta/userdata to personal data export	enhancement	normal
#43551	Add a means to package personal data into a file	enhancement	normal
#43583	Introduce new PHP cross-version compat function `is_countable()`	enhancement	normal
#43619	Introduce new PHP cross-version compat function `is_iterable()`	enhancement	normal
#43620	Privacy Policy page design	enhancement	normal
#43637	Add filters and ajax support for personal data erasure	enhancement	normal
#43650	Add Requires PHP Version to Plugin - View Details	enhancement	normal
#43715	Add Privacy Policy link to bundled theme footers	enhancement	normal
#43721	Adding links to imprint and privacy policy pages on WP login screens	enhancement	normal
#43739	Include 'viewable' attribute on Post Type resource for 'edit' context	enhancement	normal
#43820	Add "Mine" filter for attachments similarly to posts and comments	enhancement	normal
#43843	Set nocache_headers in wp-signup.php	defect (bug)	normal
#43846	Fix Count Styling on Personal Data Request Tables Post Status Links	defect (bug)	normal
#43850	Add privacy policy URL template tags	enhancement	normal
#43852	Fix spacing on responsive for Use This Page button in Privacy Tools	defect (bug)	normal
#43862	TinyMCE: Update to 4.7.11	task (blessed)	normal
#43872	Add page template filter for all post types	enhancement	normal
#43883	Add a user's attachments to the personal data export file	enhancement	normal
#43894	Rename page / menu 'Privacy Tools' to 'Privacy Policy Page'	enhancement	normal
#43905	Personal data export link does not work	defect (bug)	normal
#43908	Export keeps generating new .zip files on Windows installations	defect (bug)	normal
#43909	Improve styling on personal data tables	defect (bug)	normal
#43911	Add mailto into Export/Erasure tables	enhancement	normal
#43913	On sending the personal data export email, the request should be marked COMPLETED	defect (bug)	normal
#43915	Bundled Themes: Bump version number and update changelog in all themes for 4.9.6 release	task (blessed)	normal
#43917	Set nocache_headers in wp-activate.php	defect (bug)	normal
#43919	Disable personal data export and personal data erasure for multisite (for now)	defect (bug)	normal
#43920	Use the terms erase / erasure instead of remove / removal for personal data	defect (bug)	normal
#43922	Data removal/erasure requests don't get marked as "Completed" after erasure happens	defect (bug)	normal
#43925	Inconsistencies in GDPR strings	defect (bug)	normal
#43926	Improve flow for privacy.php	enhancement	normal
#43929	Privacy pages: buttons should be buttons and other coding standards	defect (bug)	normal
#43934	Missing doc for the user_request_key_expiration filter	defect (bug)	normal
#43935	Limit Privacy Policy screen to Super Admins in Multisite	enhancement	normal
#43939	Fix spelling mistake - gdpr	defect (bug)	normal
#43940	Privacy Policy Settings: Don't show page selector if you don't have any pages	defect (bug)	normal
#43942	Add pointers informing users of the new privacy pages	enhancement	normal
#43945	Missing closing button tag in 'Live Preview' button	defect (bug)	normal
#43951	Typos in `WP_Privacy_Policy_Content::get_default_content()`	defect (bug)	normal
#43953	Seeing the `privacy policy text has changed` notice on fresh installs is confusing	defect (bug)	normal
#43961	Privacy Policy popup covers collapsed admin menu	defect (bug)	normal
#43964	"Email Data" button text - Make it more clear that an export link is sent, not the whole data?	enhancement	normal
#43965	GDPR Privacy Notes Don't Play Nice with Gutenberg	defect (bug)	normal
#43966	Prioritize the User group in Personal Data Exports to right below the About group	enhancement	normal
#43968	Add Request Type into Confirmation Email Subject for GDPR	enhancement	normal
#43969	Custom themes will not work in TinyMCE 4.7	defect (bug)	normal
#43970	Add request type to the confirmation confirmation page - GDPR	defect (bug)	normal
#43973	Email user once removal request completed - GDPR	defect (bug)	normal
#43980	Consider outputting the suggested privacy policy content to a new page insted of a postbox	defect (bug)	normal
#43984	Customize: JavaScript error when opening Text widget	defect (bug)	normal
#44015	Add `id` attribute to each row of privacy post list tables	defect (bug)	normal
#44016	user_request_action_email_content filter hook documentation inaccurate	defect (bug)	normal
#44026	Export and Erase Personal Data tables misaligned under 782px	defect (bug)	normal
#44031	Add personal data export request ID to the wp_privacy_personal_data_export_file_created hook	enhancement	normal
#44040	Potential PHP notice in `wp_ajax_wp_privacy_erase_personal_data()`	defect (bug)	normal
#44045	GDPR WP Pointer dismiss link can be unreachable	defect (bug)	normal
#44046	GDPR Privacy Policy Link in wp-login.php page can overflow other links	defect (bug)	normal
#44048	Privacy: exclude the wrapper from the default policy content	defect (bug)	normal
#44050	Privacy: Abandoned heading in `WP_Privacy_Policy_Content::get_default_content()`	defect (bug)	normal
#44054	Privacy: Escape the comment link output in the wp_comments_personal_data_exporter() function.	defect (bug)	normal
#44056	Fix markup for table of contents on privacy policy guide	defect (bug)	normal
#44062	Don't show privacy feature pointer to new users	defect (bug)	normal
#44063	Privacy policy guide: do not remove the "Suggested text has changed" bubble on saving the policy page	defect (bug)	normal
#44064	Define $title and $parent_file in privacy.php	defect (bug)	normal
#44065	Remove is-dismissible class from notice when privacy info has changed	defect (bug)	normal
#44075	GDPR inline documentation improvements	defect (bug)	normal
#44076	Add `wp_page_for_privacy_policy` to `populate_options()`	defect (bug)	normal
#44079	Require `manage_privacy_options` capability to edit the privacy policy page	defect (bug)	normal
#44092	Export/Erase tools: CSS issues with `next_steps` buttons with some locales	defect (bug)	normal
#44093	Proposed Adjustment to Privacy Settings buttons	enhancement	normal
#44113	Add `esc_html` to assertion in test_wp_comments_personal_data_exporter	defect (bug)	normal
#43438	Add filters and Ajax support for personal data export	enhancement	low
#43546	Add to the privacy tools UX a means to export personal data by username or email address	enhancement	low
#43602	Add to the privacy tools UX a means to erase personal data by username or email address	enhancement	low
#43967	Admin emails after email confirmation don't work for GDPR requests	enhancement	low

Ideas implemented from constrained points of view (biased developers, designers, sysadmins) will NOT BENEFIT YOUR online strategies, harming your long-term competitiveness.

WP Consulting