Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
WordPress 5.2.3 Released with Security and Bug Fixes
#1
Quote:WordPress 5.2.3 has been released and includes fixes for six vulnerabilities and 29 bugs or enhancements. As WordPress is a common target for threat actors looking to host their malicious campaigns, it is important that all WordPress users upgrade to the latest release as soon as possible.

To upgrade to WordPress 5.2.3, you can download it and install manually or upgrade from within the WordPress Admin dashboard by clicking on Update and then clicking on Update Now

With this release, WordPress has fixed 5 XSS vulnerabilities and an open redirect vulnerability. All of these vulnerabilities were discovered by third-party researchers as described below.
  • Props to Simon Scannell of RIPS Technologies for finding and disclosing two issues. The first, a cross-site scripting (XSS) vulnerability found in post previews by contributors. The second was a cross-site scripting vulnerability in stored comments.
  • Props to Tim Coen for disclosing an issue where validation and sanitization of a URL could lead to an open redirect.
  • Props to Anshul Jain for disclosing reflected cross-site scripting during media uploads.
  • Props to Zhouyuan Yang of Fortinet’s FortiGuard Labs who disclosed a vulnerability for cross-site scripting (XSS) in shortcode previews.
  • Props to Ian Dunn of the Core Security Team for finding and disclosing a case where reflected cross-site scripting could be found in the dashboard.
  • Props to Soroush Dalili (@irsdl) from NCC Group for disclosing an issue with URL sanitization that can lead to cross-site scripting (XSS) attacks.




[Image: 3wuRJdW.png]
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Google releases Chrome 90 with HTTPS by default and security fixes Imran 0 974 04-15-2021 , 03:00 PM
Last Post: Imran
  QNAP fixes even more serious security flaws on its NAS devices Bjyda 0 820 12-25-2020 , 12:45 AM
Last Post: Bjyda
  Adobe Photoshop gets fixes for critical security vulnerabilities tarekma7 0 1,247 07-21-2020 , 09:44 PM
Last Post: tarekma7
  VLC media player 3.0.8 (Security Fixes ) mrtrout 0 1,183 08-20-2019 , 05:38 AM
Last Post: mrtrout
  Infected WordPress Sites Are Attacking Other WordPress Sites Mohammad.Poorya 0 1,594 12-08-2018 , 06:00 PM
Last Post: Mohammad.Poorya

Forum Jump:


Users browsing this thread: 1 Guest(s)