+44 0330 223 3428
Call Us
+44 0330 223 3428

WPTavern: WordPress 4.9.2 Patches XSS Vulnerability

WPTavern: WordPress 4.9.2 Patches XSS Vulnerability

WordPress 4.9.2 has been released and patches a cross-site scripting vulnerability in the Flash fallback files in the MediaElement library. According to Ian Dunn, the Flash files are rarely needed and have been removed from WordPress.

If you need access to the Flash fallback files, they can be obtained using the MediaElement Flash Fallback plugin. Enguerran Gillier and Widiz are credited with responsibly disclosing the vulnerability. 

In addition to the patch, this releases fixes 21 bugs. JavaScript errors that prevented saving posts in Firefox has been fixed and switching themes will attempt to restore previous widget assignments, even if no sidebars exist.

You can view detailed information about the changes in 4.9.2 by reading the following Codex article.



Source: WordPress

Related Post
WPTavern: WPTracSearch: An Elasticsearch-Powered Search Interface for WordPress Trac Tickets

WPTavern: WPTracSearch: An Elasticsearch-Powered Search Interface for WordPress Trac Tickets WordPress Trac is one of the more utilitarian and uninspiring interfaces that many contributors have to contend with in the process of giving back to the project. After growing tired of Trac’s mediocre search functionality, William Earnhardt set out to improve it with a new […]

Read more
WPTavern: Tips for Replying to A Call for Papers or A Call for Speakers

WPTavern: Tips for Replying to A Call for Papers or A Call for Speakers The following is a guest post written by Jennifer Bourn. With 21 years experience as a graphic designer, 15 years experience as a web designer, 14 years as a creative agency owner, and 11 years as a blogger, Jennifer Bourn has […]

Read more
WPTavern: Storefront 2.5.0 Introduces a Custom, Block-Based Homepage

WPTavern: Storefront 2.5.0 Introduces a Custom, Block-Based Homepage Storefront, WooCommerce’s free flagship theme, has just released version 2.5.0 with updates that make it easier to setup and customize the homepage. In 2017, WooCommerce 2.2 introduced starter content to help users set up the homepage template, menus, widgets, and add some demo products. This content has […]

Read more