WordPress

WordPress 4.5.3 Fixes 7 Security Issues

WordPress 4.5.3 was released today to fix seven important security issues that affect 4.5.2 and prior versions. Automatic background updates are already rolling out and all users are advised to update immediately. The release patches the following security issues: Redirect bypass in the customizer (reported by Yassine Aboukir) Two different (more…)

Shiny Updates Approved for Partial Merge Into WordPress 4.6

The Shiny Updates project was approved for partial merge today during an additional meeting designated for reviewing improvements added within the last week. A decision was expected last week but was delayed after contributors discovered that the plugin required three more audits to be ready for merge. Drew Jaynes completed (more…)

Patches Featured Image

The WordPress core team has released WordPress 4.5.2 which patches two security vulnerabilities in WordPress versions 4.5.1 and below. The first is a SOME vulnerability (Same-Origin Method Execution) in Plupload, the third-party library WordPress uses for uploading files. The second is a reflected cross-site-scripting vulnerability in MediaElement.js, the third-party library (more…)

WordPress 4.5.1 Fixes 12 Bugs

WordPress 4.5.1 is available and addresses a dozen items reported against WordPress 4.5. According to Adam Silverstein, “a singular class issue that broke sites based on the Twenty Eleven theme, an incompatibility between certain Chrome versions and the visual editor, and an Imagick bug that could break media uploads,” are (more…)