• Added craft\commerce\models\LineItemStatus::getDisplayName().
• Fixed a bug where Orders tables on user edit pages were showing an incorrect column heading.
• Fixed a bug where product selector modals didn’t have “Add a product” buttons. (#4205)
• Fixed a bug where order status and line item status names weren’t translatable. (#4213)
• Fixed a bug where it wasn’t possible to change a variant’s shipping category.
• Fixed an error that occurred when adjusting inventory levels with an adjustment of zero. (#4212)
• Fixed a SQL error that could occur when querying variants on PostgreSQL. (#4210)
• Fixed an error that could occur when merging canonical product changes into a draft. (#4199)
• Fixed a bug where variants weren’t being marked as modified when variants were added, deleted, or reordered. (#4222)
• Fixed high-severity SQL injection vulnerabilities in the control panel. (GHSA-j3x5-mghf-xvfw, GHSA-pmgj-gmm4-jh6j)
• Fixed a high-severity XSS vulnerability in the control panel. (GHSA-cfpv-rmpf-f624)
• Fixed low-severity XSS vulnerabilities in the control panel. (GHSA-mqxf-2998-c6cp, GHSA-wj89-2385-gpx3, GHSA-mj32-r678-7mvp)