WordPress Cluster 9.8.55

• Embeds
  • Adding HTTP header Content-Security-Policy: frame-ancestors ‘self’ the same place as SAMEORIGIN (every page that is not an embed) to plug a bypass

PR: https://github.com/dc-thomson/wordpress/pull/3994