WordPress 5.1.1 security and maintenance release is now available. The update released on Wednesday includes 14 fixes and enhancements.
Two security vulnerabilities in WordPress versions 5.1 and earlier were fixed in 5.1.1.
According to the latest release, the patches address how comments are filtered and then stored in the database. A maliciously crafted comment included in a WordPress post is vulnerable to cross-site scripting.
The update also includes additional guidance for WordPress site admins to prepare for upcoming 5.2 release, which will require minimum PHP version upgrade.