WordPress 4.9.6 is now available. This is a privacy and maintenance release. We encourage you to update your sites to take advantage of the new privacy features.

Privacy
The European Unionโs General Data Protection Regulation (GDPR) takes effect on May 25. The GDPR requires companies and site owners to be transparent about how they collect, use, and share personal data. It also gives individuals more access and choice when it comes to how their own personal data is collected, used, and shared.
Itโs important to understand that while the GDPR is a European regulation, its requirements apply to all sites and online businesses that collect, store, and process personal data about EU residents no matter where the business is located.
You can learn more about the GDPR from the European Commissionโs Data Protection page.
Weโre committed to supporting site owners around the world in their work to comply with this important law. As part of that effort, weโve added a number of new privacy features in this release.
Comments

Logged-out commenters will be given a choice on whether their name, email address, and website are saved in a cookie on their browser.
Privacy Policy Page

Site owners can now designate a privacy policy page. This page will be shown on your login and registration pages. You should manually add a link to your policy to every page on your website. If you have a footer menu, thatโs a great place to include your privacy policy.
In addition, weโve created a guide that includes insights from WordPress and participating plugins on how they handle personal data. These insights can be copied and pasted into your siteโs privacy policy to help you get started.
If you maintain a plugin that collects data, we recommend including that information in WordPressโ privacy policy guide. Learn more in our Privacy section of the Plugin Handbook.
Data Handling

Data Export
Site owners can export a ZIP file containing a userโs personal data, using data gathered by WordPress and participating plugins.
Data Erasure
Site owners can erase a userโs personal data, including data collected by participating plugins.
Howdy,
A request has been made to perform the following action on your account:
Export Personal Data
To confirm this, please click on the following link:
http://.wordpress.org/wp-login.php?action=confirmactionโฆYou can safely ignore and delete this email if you do not want to
take this action.This email has been sent to you@example.com.
Regards,
Your friends at WordPress
http://wordpress.org
Site owners have a new email-based method that they can use to confirm personal data requests. This request confirmation tool works for both export and erasure requests, and for both registered users and commenters.
Maintenance
95 updates were made in WordPress 4.9.6. In addition to the above, particularly of note were:
- โMineโ has been added as a filter in the media library.
- When viewing a plugin in the admin, it will now tell you the minimum PHP version required.
- Weโve added new PHP polyfills for forwards-compatibility and proper variable validation.
- TinyMCE was updated to the latest version (4.7.11).
This post has more information about all of the issues fixed in 4.9.6 if youโd like to learn more.
Download WordPress 4.9.6 or venture over to Dashboard ? Updates and click โUpdate Now.โ Sites that support automatic background updates will start updating soon.
Please note that if youโre currently on WordPress 4.9.3, you should manually update your site immediately.