Publish: 2015-05-07 | Modify: 2015-05-07
WordPress has been plagued by vulnerabilities recently. Following the previous article, "WordPress Exposes Stored XSS Vulnerability, Affecting Versions 4.2 and Below", the latest version, WordPress 4.2.2, was officially released this afternoon. This is a security update that primarily fixes this cross-site scripting vulnerability. It is recommended that everyone upgrade to version 4.2.2 immediately to ensure site security.
According to the official announcement, the icon package (genericons) included with the default theme has been found to be vulnerable. The official fix appears to have been to delete the genericons/example.html file from the theme. A cross-site security vulnerability that was discovered previously has also been fixed in this version, along with a cross-site scripting vulnerability in the visual editor and other compatibility issues.
Before upgrading, please make sure to back up your website.
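To confirm after upgrading that a site is on 4.2.2 and that no genericons/example.html remains, a read-only check like the following can be run against the docroot. This is an added example, not code from WordPress or from this post; the function names are hypothetical, and it assumes the standard wp-includes/version.php and wp-content layout.

```shell
#!/bin/sh
# Added example (not from the post): audit a WordPress docroot for the two
# items the post names. FIXED_VERSION and genericons/example.html come from
# the post; the function names are hypothetical.
FIXED_VERSION=4.2.2

# Print the version from wp-includes/version.php ($wp_version = 'x.y.z';).
wp_version() {
    sed -n "s/^[$]wp_version *= *'\([^']*\)';.*/\1/p" \
        "$1/wp-includes/version.php" 2>/dev/null | head -n 1
}

# Succeed if dotted version $1 is lower than $2 (numeric, three components).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1
    }'
}

# List every genericons/example.html left anywhere under wp-content.
find_genericons_examples() {
    [ -d "$1/wp-content" ] || return 0
    find "$1/wp-content" -type f -path '*/genericons/example.html'
}

# Report findings for docroot $1; return 1 if anything needs attention.
audit_wordpress() {
    findings=0
    ver=$(wp_version "$1")
    if [ -z "$ver" ]; then
        echo "UNKNOWN: cannot read version under $1"; findings=1
    elif version_lt "$ver" "$FIXED_VERSION"; then
        echo "OUTDATED: WordPress $ver is older than $FIXED_VERSION"; findings=1
    else
        echo "OK: WordPress $ver"
    fi
    leftovers=$(find_genericons_examples "$1")
    if [ -n "$leftovers" ]; then
        echo "$leftovers" | sed 's/^/LEFTOVER: /'; findings=1
    fi
    return "$findings"
}

# Run only when a docroot is given, e.g. sh audit.sh /var/www/html
if [ "$#" -gt 0 ]; then audit_wordpress "$1"; fi
```

The script only reads files; any path it reports as LEFTOVER is a candidate for removal once the site has been backed up.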
I come from China and I am a freelancer. I specialize in Linux operations, PHP, Golang, and front-end development. I have developed open-source projects such as Zdir, ImgURL, CCAA, and OneNav.