WordPress 4.2.2 is available now
This is a critical security release for all previous versions
Version 4.2.2 addresses two security issues:
- The Genericons symbol textual style bundle, which is utilized as a part of various famous subjects and plugins, contained a HTML document defenseless against a cross-site scripting assault. Every influenced topic and plugins facilitated on WordPress.org (counting the Twenty Fifteen default subject) have been overhauled today by the WordPress security group to address this issue by evacuating this trivial document. To help ensure different Genericons utilization, WordPress 4.2.2 proactively examines the wp-content index for this HTML record and uproots it. Reported by Robert Abela of Netsparker.
- WordPress forms 4.2 and prior are influenced by a discriminating cross-site scripting powerlessness, which could empower mysterious clients to trade off a site. WordPress 4.2.2 incorporates a complete fix for this issue. Reported independently by Rice Adu and Tong Shi from Baidu[X-team].
The release also includes hardening for a potential cross-site scripting vulnerability when using the visual editor. This issue was reported by Mahadev Subedi.
Want to know more ?
Fill out the Contact Form Below
Some clients that choose Straight Up Digital