WP REST API 1.2.3 Patches XSS Vulnerability

WP REST API version 1.2.3 and 2.0 Beta 4 address a security issue that affects sites running 1.2 or 2.0 beta. This release fixes a potential XSS vulnerability related to JSONP support in 1.2 and 2.0 of the API. Automatic updates are in progress for 1.2.3 but if your site hasn’t automatically updated, the team suggests updating manually as soon as possible.

In addition to the security release, 2.0 Beta 4 includes a number of enhancements, some of which break backwards compatibility. Developers and beta testers should read the detailed changelog and release notes.


2 responses to “WP REST API 1.2.3 Patches XSS Vulnerability”

  1. Ciprian, cool that is interesting. could you keep us up to date as may fit in well with our platform to pull data from WP rest API into a number of platforms like erp,pos etc. Keep us up to date as we are always keen to learn about the rest data capabilities of WP. Especially as there are so many WP drop shippers out there that may need the API to pull data from origins


Subscribe Via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.