MODX Revolution 2.5.2—Important Security Fixes and More

by Jay Stephen Gilmore

Published on November 14, 2016

Revolution 2.5.2 was released today. This patch release addresses a number of important security issues affecting all previous releases of MODX Revolution. In addition, there were a number of bugfixes and minor improvements.

This is release includes critical security enhancements and should be considered a mandatory upgrade.

Highlights of 2.5.2

Here are some of the highlights of 2.5.2:

  • Security—MODX has high standards for security and this release predominantly focuses on the areas that were found and fixed by the contributors listed below
  • Bugfixes—several small bugs were fixed in this release, creating a better experience for MODX users
  • Updates—phpThumb was updated to the latest version, and support for newer versions of MySQL improved to ensure MODX Revolution is compatible with current releases of other software used alongside MODX

For a complete list of changes in Revolution 2.5.2 read the changelog. If you haven’t upgraded to MODX Revolution 2.5.x yet, learn more from its original release announcement.

Upgrading Is Critical

We cannot stress the importance of diligently upgrading to the latest version of MODX enough. While no software is 100% secure, powering your site with the most current version usually helps protect you from hackers that rely on exploiting outdated software. If you’re not sure what version of MODX Revolution you’re running, login to your website Manager. If it is not shown at the top left hand corner of the Manager, go to Manage>Reports>System Info.

If you need help upgrading your site, please contact your website builder, find a MODX Professional or get in touch with MODX Support.

Special Thanks

We would like to especially thank the following community members who helped identify and resolve these important security issues. They have helped make MODX Revolution more secure:

Please let them know you appreciate their efforts.

Release Contributors

Let’s take the time to thank the individual contributors to this release (in alphabetical order by GitHub username): Alexander Herling, Andrey, Anton Pastukhoff, appchecker, argnist, Bruno17, Christian Seel, Elizabeth, Fabian Christen, Gildas NOEL, goldsky, ilyautkin, inreti, Ivan Klimchuk, Jan Peca, Jan Tezner, Jan-Christoph Ihrens, Jason Coward, Jay Gilmore, Jens Külzer, Johan van der Molen, JP DeVries, Kirill, Lars Bratke, lefthandmedia, Liam Kerr, Lukas Zahnd, Maarten Wolzak, Mark Hamstra, Mat Dave Jones, Mike Reid, Nikolay Lanets, Oleg, oori, OptimusCrime, Realetive, Romain, Ronald Exterkate, sepiariver, Sergey Shlokov, Susan Ottwell, Thomas Jakobi, Treigh, Vague Rabbit, Vasily Naumkin, ViieeS, Whitebyte, Zaigham Rana, володя, and Илья Уткин.

Get Started with Revo 2.5

Here’s what you need to get started or upgrade to MODX Revolution 2.5:

Ask Not What MODX Can Do For You

MODX is possible because of the many individual community members and users that take the time to report issues, request new features, and submit code to the project. Make sure you read the documentation, post feedback and share your experiences in the MODX community forums.

On behalf of the entire MODX Team, We thank you!

Millions Rely on MODX

In 2005, MODX could power a fully mobile-responsive website using HTML5 and CSS3, even though those technologies weren’t invented yet. And with MODX today, you’re ready not only for what you need now but also what comes next.

Try MODX Right Now