WordPress 4.2.2 is available now

This is a critical security release for all previous versions

Version 4.2.2 addresses two security issues:

  • The Genericons symbol textual style bundle, which is utilized as a part of various famous subjects and plugins, contained a HTML document defenseless against a cross-site scripting assault. Every influenced topic and plugins facilitated on¬†WordPress.org (counting the Twenty Fifteen default subject) have been overhauled today by the WordPress security group to address this issue by evacuating this trivial document. To help ensure different Genericons utilization, WordPress 4.2.2 proactively examines the wp-content index for this HTML record and uproots it. Reported by Robert Abela of Netsparker.
  • WordPress forms 4.2 and prior are influenced by a discriminating cross-site scripting powerlessness, which could empower mysterious clients to trade off a site. WordPress 4.2.2 incorporates a complete fix for this issue. Reported independently by Rice Adu and Tong Shi from Baidu[X-team].

The release also includes hardening for a potential cross-site scripting vulnerability when using the visual editor. This issue was reported by Mahadev Subedi.

Like this Post ?

    We are based on the Gold Coast

    Our clients are all over Australia and New Zealand