WordPress 5.4.2 Security and Fix Update

Manuel Fischer

20. Jun 2020

Developer Blog

WordPress 5.4.2 was released on June 10 and contains 23 fixes and some security enhancements.

Security fixes

XSS allowed low privileged users to add JavaScript to posts in the block editor or to add JavaScript to media files.
Open redirect issue in wp_validate_redirect().
XSS issue via theme uploads.
Issue where set-screen-option can be misused by plugins leading to privilege escalation.
Vulnerabilities where comments from password-protected posts and pages could be displayed under certain conditions.

WordPress 5.1, 5.2 and 5.3 also got those fixes as an update.

A complete list of all commits in this updtate can be found on wordpress.org.

Remember to always create a backup before updating.

Picture courtesy of James Sutton.

Aktuelle Artikel

State of the Word 2024

17. Dezember 2024

Shopify Boring Edition Winter ’25

11. Dezember 2024

Schweizer Crypto-Exchange Lykke meldet Konkurs an

11. Dezember 2024

Beliebte Tags

Beyond the Meme

Der englischsprachige Podcast von Openstream. Discover how memes, AI, and digital culture shape our world, challenge norms, and redefine what it means to be human.

security, update, WordPress

WordPress 5.4.2 Security and Fix Update

Security fixes

Aktuelle Artikel

State of the Word 2024

Shopify Boring Edition Winter ’25

Schweizer Crypto-Exchange Lykke meldet Konkurs an

Kategorien

Beliebte Tags

Beyond the Meme

Schreibe einen Kommentar Antworten abbrechen

Let’s Work Together