Home Website News Articles Standard Post

Standard Post

WordPress 5.4.2 Update Log

WordPress 5.4.2 is now available! This security and maintenance release includes 23 fixes and enhancements. Additionally, it adds many security fixes – see the list below. These bugs affect WordPress 5.4.1 and earlier versions. Version 5.4.2 fixes these issues, so you need to upgrade. If you haven't updated to 5…

Updated on June 11, 2020 About 2 minutes read
WordPress 5.4.2更新记录

WordPress 5.4.2 is now available!

This security and maintenance release includes 23 fixes and enhancements. Additionally, it adds many security fixes – see the list below.

These bugs affect WordPress 5.4.1 and earlier versions. Version 5.4.2 fixes these issues, so you need to upgrade.

If you haven't updated to 5.4, there are also updated versions for 5.3 and earlier that can fix bugs for you.

Security Update

WordPress 5.4 and earlier versions are affected by the following bugs, which have been fixed in version 5.4.2. If you have not updated to 5.4, there are also updated versions for 5.3 and earlier to address security issues.

  • Props to Sam Thomas (jazzy2fives) for reporting an XSS issue where authenticated low-privilege users could add JavaScript to posts in the block editor.
  • Props to Luigi – (gubello.me) for discovering an XSS issue where authenticated users with upload permissions could add JavaScript in media files.
  • Props to Ben Bidner of the WordPress security team for finding an open redirect issue in wp_validate_redirect().
  • Props to Nrimo Ing Pandum for finding an authenticated XSS issue via theme upload.
  • Props to Simon Scannell of RIPS Technologies for discovering an issue where setting screen options could be abused by plugins to cause privilege escalation.
  • Carolina NymarkThe suggestion is to identify an issue where comments on password-protected posts and pages can be displayed under certain circumstances.

Thanks to all reportersfor privately disclosing these vulnerabilities. This gives the security team time to fix vulnerabilities that could attack WordPress sites.

A maintenance update was also deployed to versions 5.1, 5.2, and 5.3. For more information, seerelated developer notes

You canon TracbrowseChangethefull list

For more information, browse the full list of changes on Trac, or check out5.4.2versiondocumentation page

WordPress 5.4.2 is a short-term maintenance release. The next major version will beversion 5.5

You can download WordPress 5.4.2 from the button at the top of this page, or visitDashboard → Updatesand clickUpdate Now

If your site supports automatic background updates, they have already started the update process.

5/5 - (1 vote)
Previous Plugins and Code for Adding Emojis to WordPress Comment Box (2020 New Edition) Continue reading content around the same timeline. Next Five Recommended WooCommerce Plugins for Weight-Based Shipping Calculation View the next related tutorial or experience.

AI Website Building Assistant

🤖
Hello! I am the Naibabiji AI Assistant. How can I help you?
Quick Consultation: