Blesta logo
 Get Started

Blesta 5.13.3 Patch Released

January 31, 2026
Paul

We are pleased to announce the released of Blesta 5.13.3, which addresses bugs discovered in the 5.13 branch. A big thanks to everyone who participated in helping to make Blesta better by reporting and confirming bugs on our forums and discord chat, we appreciate your help!

The release notes are available at https://docs.blesta.com/support/releases/5/5133/.

Always run /admin/upgrade in your browser or via CLI after updating the files for your installation. Patch releases may only be applied to the minor release to which it belongs. Only apply this patch if you are running 5.13.0, 5.13.1, or 5.13.2. If you are running an earlier version, you must download the full release.

Download 5.13.3 Patch Download 5.13.3 Full

SHA256 Sum

% blesta-5.13.3.zip
6a58da9013f86b43fbd94210198c003159bd7c1e351bdb845e5865bc4ab967be

% blesta-5.13.2-5.13.3.zip
4c63bfc7c7968207e6092d016c8e416ed1fc8f3c8c2de6bf5363be6a54e625f9

To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.

Related Tags:

Security Advisory

January 28, 2026
Paul

Several security issues affecting Blesta versions 3.0.0 through 5.13.1 have been identified.

An input validation vulnerability (CORE-5665) and object injection vulnerabilities (CORE-5668, CORE-5680) have been discovered. One of these vulnerabilities could potentially allow remote code execution under certain conditions. We recommend applying the appropriate patch for your release, or upgrading to version 5.13.3 as soon as possible. We give this an impact rating of Critical.

Update (January 31, 2026): Version 5.13.3 has been released to address regressions introduced in 5.13.2. Please use 5.13.3 instead of 5.13.2 for both full and patch downloads.

More information about how we rate vulnerabilities can be found on our Security Advisories page.

Always back up your files and database prior to upgrading and be sure to run /admin/upgrade in your browser after uploading either a patch or full release. Patch releases may only be applied to the minor release to which it belongs, so download the appropriate patch for your minor version. If you are running a version of Blesta between 3.0 and 5.10, upgrade to 5.13.3.

Downloads

Download 5.13.3 Patch Download 5.13.3 Full 

% blesta-5.13.3.zip
6a58da9013f86b43fbd94210198c003159bd7c1e351bdb845e5865bc4ab967be

% blesta-5.13.0-5.13.3.zip
4c63bfc7c7968207e6092d016c8e416ed1fc8f3c8c2de6bf5363be6a54e625f9

Download 5.12.4 Patch 

% blesta-5.12.0-5.12.4.zip
2bd8d7819f7b528c0b15f44e9f7c9e591515e1a9933fd029f65d0e16989f53ce

Download 5.11.5 Patch 

% blesta-5.11.0-5.11.5.zip
5a6c872297624cd34dc64d5460f7946cf4b28ca29a5a89bec4ca2a951b2e5e6b

To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.

Full Release Notes for 5.13.2

  • [CORE-5619] - Generic Domains: .cl TLDs report as always available
  • [CORE-5624] - Security Fix
  • [CORE-5631] - CMS: Default URI shared between multiple companies
  • [CORE-5660] - Amazon S3 vendor code update not shipping with Blesta
  • [CORE-5661] - PostalMethods returns error, possible API change
  • [CORE-5662] - Adding Payment accounts can result in an error
  • [CORE-5665] - Security fix
  • [CORE-5668] - Security fix
  • [CORE-5669] - Investigate potential month date name display issues
  • [CORE-5670] - Stripe Payments: Possible rounding bug
  • [CORE-5671] - Invoice PDF’s do not observe the internationalization of dates
  • [CORE-5678] - Clients attempting to use “Forgot Password” encounter a blank screen
  • [CORE-5679] - Coupons no longer apply to config options when “Apply to Configurable Options” is checked
  • [CORE-5680] - Security fix
  • [CORE-5690] - Order: Limit keyword searches to spotlight TLDs

Resolution

  • If you are running version 5.13.x, apply the 5.13.3 patch above.
  • If you are running version 5.12.x, apply the 5.12.4 patch above.
  • If you are running version 5.11.x, apply the 5.11.5 patch above.
  • If you are running version 3.0.x through 5.10.x, upgrade to 5.13.3 Full.

Mitigation

It is best to upgrade to 5.13.3 or apply the appropriate patch. However, if you are running an affected unsupported version of Blesta (version 3.0 through 5.10), and you need more time to upgrade, it is possible to mitigate the most serious vulnerability for which we gave this an impact rating of Critical. If you have the 2Checkout payment gateway installed, update it to the latest version from the repository on GitHub: https://github.com/blesta/gateway-2checkout

Credits

Some of these issues were reported by Egidio Romano of Karma(In)Security in accordance with our Responsible Disclosure Policy. Other issues were discovered internally.

Related Tags:

Blesta 5.13.1 Patch Released

January 14, 2026
Paul

We are pleased to announce the released of Blesta 5.13.1, which addresses bugs discovered in the 5.13 branch. A big thanks to everyone who participated in helping to make Blesta better by reporting and confirming bugs on our forums and discord chat, we appreciate your help!

The release notes are available at https://docs.blesta.com/support/releases/5/5131/.

Always run /admin/upgrade in your browser or via CLI after updating the files for your installation. Patch releases may only be applied to the minor release to which it belongs. Only apply this patch if you are running 5.13.0. If you are running an earlier version, you must download the full release.

Download 5.13.1 Patch Download 5.13.1 Full

SHA256 Sum

% blesta-5.13.1.zip
5421c8130275453dd2a73a43b50cd4cd188f3530c3c30c42cd306130482f67ec

% blesta-5.13.0-5.13.1.zip
c1303f2844f945176fb044a49862f94201cd21e7b438fc6a3386f8a7e9dfef1a

To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.

Related Tags:

Blesta 5.12.3 Patch Released

October 21, 2025
Paul

We are pleased to announce the released of Blesta 5.12.3, which addresses bugs discovered in the 5.12 branch. A big thanks to everyone who participated in helping to make Blesta better by reporting and confirming bugs on our forums and discord chat, we appreciate your help!

The release notes are available at https://docs.blesta.com/support/releases/5/5123/.

Always run /admin/upgrade in your browser or via CLI after updating the files for your installation. Patch releases may only be applied to the minor release to which it belongs. Only apply this patch if you are running 5.12.0, 5.12.1, or 5.12.2. If you are running an earlier version, you must download the full release.

Download 5.12.3 Patch Download 5.12.3 Full

SHA256 Sum

% blesta-5.12.3.zip
76928eb82fe640b2cbeaa1b6e09dcafcef31b6930e39d22506e13b17a9fb80a8

% blesta-5.12.0-5.12.3.zip
99a3e3a83623f4703b57b912185ef8926bb11859a07e07c2e40a16c0ead14480

To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.

Related Tags:

Blesta 5.12.2 Patch Released

September 16, 2025
Paul

We are pleased to announce the released of Blesta 5.12.2, which addresses bugs discovered in the 5.12 branch. A big thanks to everyone who participated in helping to make Blesta better by reporting and confirming bugs on our forums and discord chat, we appreciate your help!

The release notes are available at https://docs.blesta.com/support/releases/5/5122/.

Always run /admin/upgrade in your browser or via CLI after updating the files for your installation. Patch releases may only be applied to the minor release to which it belongs. Only apply this patch if you are running 5.12.0 or 5.12.1. If you are running an earlier version, you must download the full release.

Download 5.12.2 Patch Download 5.12.2 Full

SHA256 Sum

% blesta-5.12.2.zip
806be6c393d3680a04f15950d5ea8d452e409a31f1da45f67cbd49a23ce5d4bd

% blesta-5.12.0-5.12.2.zip
3fd027a421569a2f128392289ac47e34b00ae75a38ff033cdb4c66242d7128de

To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.

Related Tags:
Top