+44 0330 223 3428
Call Us
+44 0330 223 3428

WPTavern: WordPress 4.9.2 Patches XSS Vulnerability

WPTavern: WordPress 4.9.2 Patches XSS Vulnerability

WordPress 4.9.2 has been released and patches a cross-site scripting vulnerability in the Flash fallback files in the MediaElement library. According to Ian Dunn, the Flash files are rarely needed and have been removed from WordPress.

If you need access to the Flash fallback files, they can be obtained using the MediaElement Flash Fallback plugin. Enguerran Gillier and Widiz are credited with responsibly disclosing the vulnerability. 

In addition to the patch, this releases fixes 21 bugs. JavaScript errors that prevented saving posts in Firefox has been fixed and switching themes will attempt to restore previous widget assignments, even if no sidebars exist.

You can view detailed information about the changes in 4.9.2 by reading the following Codex article.



Source: WordPress

Related Post
BuddyPress: BuddyPress 3.0.0 “Apollo”

BuddyPress: BuddyPress 3.0.0 “Apollo” BuddyPress 3.0.0 “Apollo” is now available for immediate download from the WordPress.org plugin repository, or right from your WordPress Dashboard. “Apollo” focuses on various improvement for developers, site builders and site managers. Say hello to “Nouveau”! A bold reimagining of our legacy templates, Nouveau is our celebration of 10 years of BuddyPress! […]

Read more
WPTavern: WordPress 4.9.6 Released With User Data Export and Removal Tools

WPTavern: WordPress 4.9.6 Released With User Data Export and Removal Tools WordPress 4.9.6 has been released and is considered a privacy and maintenance release. Traditionally, minor versions contain security and bug fixes. This release is different as it includes a number of privacy related features such as: Privacy Policy page template/creation User Data Request Handling […]

Read more
Dev Blog: WordPress 4.9.6 Privacy and Maintenance Release

Dev Blog: WordPress 4.9.6 Privacy and Maintenance Release WordPress 4.9.6 is now available. This is a privacy and maintenance release. We encourage you to update your sites to take advantage of the new privacy features. Privacy The European Union’s General Data Protection Regulation (GDPR) takes effect on May 25. The GDPR requires companies and site […]

Read more