WordPress 4.4.1 Patches XSS Security Vulnerability

WordPress 4.4.1 is available for download and includes 52 fixes, one of which patches a cross site scripting vulnerability reported by Crtc4L. This release address two severe bugs and updates the polyfill used for emoji to support Unicode 8. Support for Unicode 8 adds new diversity emoji to WordPress.

Other notable changes include the removal of Rdio embed support, plugins failing to update after WordPress 4.4 is installed, and a handful of changes to responsive images. Sites configured to receive automatic updates should update within 24 hours. Since 4.4.1 is a security release, you should initiate the update process as soon as possible.

A total of 36 people contributed to this release. If you encounter problems after updating, please create a new thread in the WordPress.org support forums where volunteers are standing by to help out.

There are 5 comments

Your email address will not be published. Required fields are marked *