Hello friends, today I want to share about releasing the new version of the popular CMS, WordPress.
WordPress released its new version 5.2.4 on October 14, 2019. It is a short-cycle security release. This release fixes six security issues, which are:
- Creating Stored XSS (Cross-Site Scripting) using the Customizer.
- Creating Stored XSS (Cross-Site Scripting) to inject JavaScript (JS) into style (<style></style>) tags.
- Viewing unauthenticated posts.
- Poisoning the cache of JSON GET requests via the Vary: Origin header
- Faking server-side request in the way that URLs are validated, and
- Having a problem with referrer validation in the admin section
List of Updated Files in WordPress 5.2.4 release
- /wp-includes/class-wp.php
- /wp-includes/class-wp-query.php
- /wp-includes/functions.php
- /wp-includes/http.php
- /wp-includes/pluggable.php
- /wp-includes/rest-api.php
What will be the next major release of Word Press?
The next major release of WP will be 5.3 and scheduled to be released on November 12, 2019.
One thought on “Do you know the latest version of WordPress (5.2.4) released and fixes six major security flaws?”