+44 0330 223 3428
Call Us
+44 0330 223 3428

WPTavern: WordPress 4.9.2 Patches XSS Vulnerability

WPTavern: WordPress 4.9.2 Patches XSS Vulnerability

WordPress 4.9.2 has been released and patches a cross-site scripting vulnerability in the Flash fallback files in the MediaElement library. According to Ian Dunn, the Flash files are rarely needed and have been removed from WordPress.

If you need access to the Flash fallback files, they can be obtained using the MediaElement Flash Fallback plugin. Enguerran Gillier and Widiz are credited with responsibly disclosing the vulnerability. 

In addition to the patch, this releases fixes 21 bugs. JavaScript errors that prevented saving posts in Firefox has been fixed and switching themes will attempt to restore previous widget assignments, even if no sidebars exist.

You can view detailed information about the changes in 4.9.2 by reading the following Codex article.



Source: WordPress

Related Post
WPTavern: How a Munich-based Game Studio is Using WordPress and Gutenberg to Power Its Website

WPTavern: How a Munich-based Game Studio is Using WordPress and Gutenberg to Power Its Website Mimimi, an award-winning game studio based in Munich, has launched a new WordPress website that provides an interesting case study of Gutenberg in the wild. Although you may not be able to tell from the frontend, behind the scenes the […]

Read more
Matt: Light Heretofore Unknown

Matt: Light Heretofore Unknown Yes, it is a press, certainly, but a press from which shall soon flow in inexhaustible streams the most abundant and most marvelous liquor that has ever flowed to relieve the thirst of man! [….] A spring of pure truth shall flow from it! Like a new star, it shall scatter […]

Read more
WPTavern: My Gutenberg Experience: Part Three

WPTavern: My Gutenberg Experience: Part Three It’s been about four months since the last time I shared my experience with Gutenberg. In that time, there have been sixteen releases. The more I use Gutenberg, the more nuances I encounter. Disruptive Writing Flow When writing a post, I press the enter key at the end of […]

Read more