4.16.1

2026-06-29 Security2

Security

  • Standardized email access confirmation AJAX responses to prevent distinguishable server responses.
  • Added additional escaping and sanitization to the Campaign Comments block and shortcode attributes (CVE-2026-13246).