WordPress 5.4.2 is now available! This security and maintenance release includes 23 fixes and enhancements. It also includes numerous security fixes, listed below. These bugs affect WordPress 5.4.1 and earlier versions. Version 5.4.2 fixes these issues, so you need to upgrade. If you haven't updated to 5.4 yet, there are also updated versions for 5.3 and earlier that fix these bugs.
Security Update
WordPress 5.4 and earlier versions are affected by the following bugs, which have been fixed in version 5.4.2. If you have not updated to 5.4, there are also updated versions for 5.3 and earlier to address security issues.
- Props to Sam Thomas (jazzy2fives) for reporting an XSS issue where authenticated low-privilege users could add JavaScript to posts in the block editor.
- Props to Luigi (gubello.me) for discovering an XSS issue where authenticated users with upload permissions could add JavaScript in media files.
- Props to Ben Bidner of the WordPress security team for finding an open redirect issue in wp_validate_redirect().
- Props to Nrimo Ing Pandum for finding an authenticated XSS issue via theme upload.
- Props to Simon Scannell of RIPS Technologies for discovering an issue where setting screen options could be abused by plugins to cause privilege escalation.
- Props to Carolina Nymark for identifying an issue where comments on password-protected posts and pages can be displayed under certain circumstances.
Thanks to all reporters for privately disclosing these vulnerabilities. This gave the security team time to fix vulnerabilities that could compromise WordPress sites. A maintenance update was also deployed for versions 5.1, 5.2, and 5.3.
For more information, see the related developer notes. You can browse the full list of changes on Trac, or check the 5.4.2 version documentation page.
WordPress 5.4.2 is a short-term maintenance release. The next major version will be version 5.5. You can download WordPress 5.4.2 from the button at the top of this page, or visit Dashboard → Updates and click Update Now. If your site supports automatic background updates, the update process has already started.