PHP 8.5 available on WordPress VIP

We’re excited to announce support for PHP 8.5, the latest stable release of PHP. This version continues PHP’s steady evolution, focusing on improved language ergonomics, better debugging capabilities, and new standard functionality.

What’s new in PHP 8.5

PHP 8.5 introduces a number of incremental but meaningful improvements aimed at developer productivity, code clarity, along with debugging quality-of-life improvements.

Language improvements

PHP 8.5 adds several features that make code easier to read, reason about, and maintain:

  • Pipe operator (|>)
    Enables left-to-right function chaining, reducing nesting and improving readability in data-transformation workflows.
  • Property initialization during cloning
    Objects can now be modified directly as part of the clone operation, simplifying immutable object patterns.
  • First-class callables in constant expressions
    Static closures and first-class callables can now be used in constant expressions. This includes attribute parameters, default values of properties and parameters, and constants.
  • #[\NoDiscard] attribute
    Allows developers to signal that a function’s return value should not be ignored, helping prevent subtle logic errors.

New standard library features

PHP 8.5 adds commonly requested utilities directly to the language runtime:

  • URI extension
    A new built-in extension for standards-compliant URI parsing and manipulation, reducing the need for third-party libraries.
  • array_first() and array_last()
    Convenience functions for retrieving the first or last element of an array without manual pointer handling.
  • Persistent cURL share handles
    Improve performance by allowing connection reuse across requests.

Diagnostics and tooling

Operational visibility and debugging have been improved:

  • Stack traces for fatal errors
    Fatal errors now include stack traces, making critical issues easier to diagnose.

For a full breakdown of changes, visit the PHP 8.5 Release Announcement.

Testing your application with PHP 8.5

It’s always a good idea to test your application code with every new release of PHP. WordPress VIP recommends that you use several methods to prepare for a PHP upgrade.

Scan your codebase for incompatibilities

Review the WordPress VIP documentation “Prepare application code for a PHP version upgrade” guide and perform the scan.

Test with the VIP Local Development Environment

We recommend using the VIP Local Development Environment to test your application code locally.

Create a new environment with PHP 8.5: 

vip dev-env create --slug=mytestsite --php=8.5

Or update an existing local environment with PHP 8.5: 

vip dev-env update --slug=mytestsite --php=8.5

Test with a non-production VIP Platform environment

To update your non-production environments to PHP 8.5, either use the Software Management feature in the VIP Dashboard, or run the vip config software update command with VIP-CLI. For example:

vip @mytestsite.testing config software update php 8.5

Let VIP do the heavy lifting!

Instead of the do-it-yourself approach, focus on your key priorities while our experienced staff manage, validate, and implement your PHP update for you with the specific needs of your applications in mind. Maximize your team’s resources, improve site stability, and unlock peace of mind with our Upgrade Assurance Service. If you’re interested in learning more, please connect with your Relationship Manager, or reach out to our Support Team.

Note that at this time:

Parse.ly Plugin 3.22: New Release and Default Version

We are excited to announce version 3.22 of the wp-parsely plugin provisioned by WordPress VIP’s MU plugins. This new version will become available for testing in non-production VIP environments on Tuesday, January 13, 2026. Version 3.22 will be released to production as the default version of wp-parsely on Tuesday, January 20, 2026.

What’s new

  • This is mainly a maintenance release focusing on dependency updates.
  • The Parse.ly Content Intelligence Sidebar now features a “Boost Engagement” button, which opens Engagement Boost for the current post.

Call for Testing: Jetpack 15.4

Jetpack 15.4 is available now for testing and the download link is available here

Jetpack 15.4 will be deployed to VIP on Tuesday, January 20, 2026*. The upgrade is expected to be performed at 17:00 UTC (1:00PM ET).

*This deployment date and time are subject to change if issues are discovered during testing of the Jetpack release.

A full list of changes is available in the commit log.

What do I need to do?

We recommend the below:

  1. Installing the release on your non-production sites using these instructions.
  2. Running through the testing flows outlined in the Jetpack Testing Guide.

As you’re testing, there are a few things to keep in mind:

  • Check your browser’s JavaScript console and see if there are any errors reported by Jetpack there.
  • Use Query Monitor to help make PHP notices and warnings more noticeable and report anything you see.

Questions?

If you have any questions, related to this release, please open a support ticket and we will be happy to assist.

Collaborative Editing is here: Real-time collaboration and Notes

Editorial teams have long stitched together multiple tools to get content out the door — drafting in one place, reviewing in another, and finally pasting everything into WordPress to publish. That workflow introduced friction, delays, and unnecessary risk.

We’ve been working hard to save your team time and accelerate your content workflows.

WordPress VIP now supports collaborative editing, bringing real-time co-authoring and contextual feedback directly into the WordPress editor. Teams can work together on the same draft, simultaneously, without compromising governance, performance, or security.

What’s new

Real-time collaboration

Multiple users can now edit the same post or page simultaneously.

  • Presence avatars show who’s in the document and where they’re working.
  • Edits appear instantly — no refresh required.
  • Changes stay fully synchronized, eliminating version conflicts and overwrite risks.

This removes one of the most common blockers in CMS workflows: waiting for someone else to finish editing. Instead of serial handoffs, teams collaborate in parallel — safely and transparently.

Block-level commenting (Notes)

With the release of WordPress 6.9, Notes now bring in-context feedback directly into the editor.

  • Leave comments on specific blocks.
  • Resolve comments as feedback is addressed to keep drafts clean.
  • Keep discussion tied to content — not scattered across email or chat.

Notes make reviews clearer and more actionable, whether feedback is coming from editors, designers, or compliance reviewers.

Why it matters

Collaborative editing turns content creation from a relay race into a shared workspace.

  • Faster publishing cycles through live co-authoring and inline feedback.
  • Fewer tools to manage by consolidating drafting, review, and publishing in WordPress.
  • Stronger governance with version control, permissions, and auditability preserved.

All of this runs on WordPress VIP’s enterprise-grade infrastructure, including a managed sync server that keeps edits aligned across users while maintaining unmatched reliability and security at scale.

What’s next

Real-time Collaboration will likely become widely available in WordPress core with version 7.0 later this year. For the time being, WordPress VIP customers get exclusive first access to it in the editor. From Remote Data Blocks to our Integrations Center, WordPress VIP is leading innovation in WordPress and delivering cutting-edge features for the world’s most popular CMS. 

Get started

Administrators can activate Real-time collaboration from the Integrations Center in the VIP Dashboard. It must be enabled at both the organization and application levels. Block-level commenting (Notes) is live with WordPress 6.9. 

If you’ve ever wanted your CMS to feel as intuitive as Google Docs — without giving up enterprise governance — collaborative editing is ready for you.

Security Update: Additional Next.js + React Server Components Vulnerabilities (CVE-2025-55183, CVE-2025-55184, CVE-2025-67779)

WordPress VIP continues to monitor and respond to the evolving security issues affecting React Server Components and frameworks that rely on them, including Next.js. Since our earlier advisory, several additional high-severity vulnerabilities have been published.

What’s new

Newly disclosed issues affecting React Server Components include:

  • CVE-2025-55183possible source code exposure
  • CVE-2025-55184denial-of-service conditions
  • CVE-2025-67779an update expanding the denial-of-service vulnerability class associated with CVE-2025-55184

These issues follow the earlier React2Shell (CVE-2025-55182) remote code execution vulnerability (CVSS 10.0), which continues to see active scanning and exploitation attempts globally.

Official advisories:

Customer impact

Applications using React Server Components or affected versions of Next.js may be exposed to denial-of-service behavior, unintended disclosure of source code, or other runtime issues depending on application structure and use of RSC features.

Actions taken by WordPress VIP

We have implemented protective mitigations across the platform intended to reduce exposure to known exploit patterns associated with these newly disclosed vulnerabilities. We continue to monitor for emerging techniques and will adjust mitigations as new information becomes available.

We have also contacted customers running configurations that may be affected.

Required customer action

It is imperative that all customers using React Server Components or vulnerable versions of Next.js upgrade to the latest patched releases as soon as possible. Upstream updates contain important security fixes that provide the most complete protection against these issues and future related variants.

If you are unsure whether your application is affected or need guidance on updating, please contact VIP Support.

Ongoing commitment

WordPress VIP will continue working closely with upstream maintainers and monitoring ongoing research to ensure our customers remain protected. Additional updates will be posted when new information becomes available.

Security Advisory: React and Next.js Vulnerabilities (CVE-2025-66478 / CVE-2025-55182)

WordPress VIP is aware of recently disclosed critical vulnerabilities affecting React Server Components and frameworks built on top of them, including Next.js.

Summary

On December 3, 2025, the React and Next.js teams disclosed critical vulnerabilities:

These vulnerabilities could allow unauthorized access to server-side data in certain configurations of applications using React Server Components or affected Next.js versions.

Impact on WordPress VIP customers

A limited number of VIP customers run applications built on Next.js that are impacted by these disclosures.

WordPress VIP has:

  1. Reached out directly to all customers running affected versions of Next.js.
  2. Implemented protective mitigations to shield all VIP environments from known exploit patterns.

We will continue to monitor for emerging attack signatures and adjust our mitigation strategy as new information becomes available.

Recommended actions for customers

  • If you operate a custom application using Next.js or React Server Components, please ensure you update immediately to a patched version as recommended by the upstream maintainers, and follow the guidelines our team shared directly with your organization.
  • Review official vendor guidance and changelogs:
  • If you are unsure whether your application is affected, please contact VIP Support.

Our commitment

Security is core to the WordPress VIP platform. We are actively collaborating with upstream maintainers and continuously refining mitigations to ensure all customer workloads remain protected. Updates will be provided if further information becomes available.

Now Available: WordPress 6.9

WordPress 6.9, “Gene”, has been released. In keeping with the WordPress version numbering convention, 6.9 is a major release.

WordPress 6.9 brings many enhancements, including:

  • Notes: Seamless, Block-Level Collaboration: With notes attached directly to blocks in the post editor, your team can stay aligned, track changes, and turn feedback into action all in one place. Whether you’re working on copy or refining design in your posts or pages, collaboration happens seamlessly on the canvas itself.
  • Command Palette Throughout the Dashboard: Access the Command Palette from any part of the dashboard, whether you’re writing your latest post, deep in design in the Site Editor, or browsing your plugins. Everything you need, just a few keystrokes away.
  • Fit text to container: There’s a new typography option for text-based blocks that’s been added to the Paragraph and Heading blocks. This new option automatically adjusts font size to fill its container perfectly, making it ideal for banners, callouts, and standout moments in your design.
  • The Abilities API: WordPress 6.9 lays the groundwork for the future of automation with the unified Abilities API. By creating a standardized registry for site functionality, developers can now register, validate, and execute actions consistently across any context—from PHP and REST endpoints to AI agents—paving the way for smarter, more connected WordPress experiences.
  • Accessibility Improvements: More than 30 accessibility fixes sharpen the core WordPress experience. These updates improve screen reader announcements, hide unnecessary CSS-generated content from assistive tech, fix cursor placement issues, and make sure typing focus stays put even when users click an autocomplete suggestion.
  • Performance enhancements: WordPress 6.9 delivers significant frontend performance enhancements, optimizing the site loading experience for visitors. 6.9 boasts an improved LCP (Largest Contentful Paint) through on-demand block styles for classic themes, minifying block theme styles, and increasing the limit for inline styles – removing blockages to page rendering and clearing the rendering path by deprioritizing non-critical scripts. This release comes with many more performance boosts, including optimized database queries, refined caching, and a new template enhancement output buffer that opens the door for more future optimizations.

Learn more about the highlights of WordPress 6.9.

For more details about this release (including specific changes), please see the announcement post and Field Guide.

Questions

If you have any questions about this release, please open a support ticket, and we will gladly assist.