WordPress 5.4.2 is now available! This security and maintenance release includes 23 fixes and enhancements. Additionally, it adds numerous security fixes—please refer to the list below. These bugs affect WordPress 5.4.1 and earlier versions. Version 5.4.2 fixes these issues, so you need to upgrade. If you haven't updated to 5.4 yet, there are also updated versions for 5.3 and earlier that will fix the bugs for you.
Security Updates
WordPress 5.4 and earlier versions are affected by the following bugs, which have been fixed in version 5.4.2. If you haven't updated to 5.4 yet, there are also updated versions for 5.3 and earlier that address the security issues.
- Props to Sam Thomas (jazzy2fives) for reporting an XSS issue where an authenticated low-privilege user could add JavaScript to a Post in the Block Editor.
- Props to Luigi – (gubello.me) for discovering an XSS issue where authenticated users with upload permissions could add JavaScript to media files.
- Props to Ben Bidner from the WordPress security team for finding an open redirect issue in wp_validate_redirect().
- Props to Nrimo Ing Pandum for finding an authenticated XSS issue via theme upload.
- Props to Simon Scannell of RIPS Technologies for discovering an issue where the Screen Options could be abused by plugins to lead to privilege escalation.
- Props to Carolina Nymark for discovering an issue where comments on password-protected posts and pages can be displayed under certain circumstances.
Thanks to all reporters for privately disclosing these vulnerabilities. This gave the security team time to fix vulnerabilities that could be used to attack WordPress sites. A maintenance update was also deployed for versions 5.1, 5.2, and 5.3. For more information, see the related developer notes.
You can browse the full list of changes on Trac. For more information, view the version 5.4.2 documentation page.
WordPress 5.4.2 is a short-cycle maintenance release. The next major version will be version 5.5. You can download WordPress 5.4.2 from the button at the top of this page, or visit Dashboard → Updates, then click Update Now. If your site supports automatic background updates, the update process has already started.