Critical XSS vuln fixed in Wordpress 4.2.3

ImageNews from out there about new technologies.

It will be updated when possible.
User avatar
Site developer
Site developer
Posts: 1084
Joined: Thursday March 25th, 2004 21h45:21
Location: Behind YOU

Critical XSS vuln fixed in Wordpress 4.2.3

Postby Juanm » Thursday July 23rd, 2015 14h05:01

One critical XSS, one excalation privilege vuln and many bugs going away
WordPress 4.2.3 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.2.2 and earlier are affected by a critical cross-site scripting vulnerability, which could allow anonymous users to compromise a site. This was reported by Jon Cave of the WordPress Security Team, and fixed by Robert Chapin.

We also fixed an issue where it was possible for a user with Subscriber permissions to create a draft through Quick Draft. Reported by Netanel Rubin from Check Point Software Technologies.

Our thanks to those who have practiced responsible disclosure of security issues.

WordPress 4.2.3 also contains fixes for 20 bugs from 4.2. For more information, see the release notes or consult the list of changes.

Both cms and blog have been automatically updated to WP 4.2.3

Return to “Tech news”

Who is online

Users browsing this forum: CommonCrawl [Bot], Feedburner [Bot] and 4 guests