WordPress Patch Addresses Security Issues While Security Firm Discovered Vulnerability Within The Blogging Platform; Check Detailed Guide To Fix It
Janice Tapil | | May 08, 2015 08:59 AM EDT |
WordPress has released its latest patch that fixes security issues. This is due to a report coming from a security firm discovering vulnerability with the blogging platforms.
The Online publishing platform WordPress has released a patch update for critical security issues and Samuel Sidler from WordPress said that version 4.2.2 of the publishing platform is now available.
Like Us on Facebook
According to WordPress, the version 4.2.2 addresses two security issues. The first one is an HTML file in the Genericons icon font package that is vulnerable to a cross-site scripting attack. The affected plugins and themes have been updated as well.
Lastly, the WordPress 4.2.2 has addressed the issues on version 4.2 by a critical cross-site scripting vulnerability. The patch includes hardening for a potential cross-site scripting vulnerability when using the visual editor.
Moreover, the WordPress patch brings fixes for 13 bugs from the 4.2.1 and these are the following: emoji loading error in IE9 and IE10, embed for YouTube URLs to always expect https, keyboard shortcut for saving from the Visual editor on Mac, a bug allowing queries to reference tables in the dbname.tablename format, how WordPress checks for encoding when sending strings to MySQL, a bug where attachment URLs were incorrectly being forced to use https in some contexts, issue with trying to change the wrong index in the wp_signups table on utf8mb4 conversion, Improves performance of loop detection in _get_term_children()and Lowers memory usage for a regex checking for UTF-8 encoding.
To download the WordPress 4.2.2, go to updates and click the "Update Now," while sites which have a support on an automatic background updates are beginning to receive the update.
Meanwhile, MSN reported that Sucuri, a security firm, are the ones who has found out the vulnerability in the WordPress, which leaves the user's site to open to attack.
It affects the TwentyFifteen theme and the JetPack plugin that has over million installations. If the hacker has tricked the user to click a certain website or a link, they can control the user's WordPress site.
The site added that it can be fixed by removing the "example.html" file in any genericons in the user's WordPress installation.
TagsWordPress 4.2.2, WordPress 4.2, update, patch, WORDPRESS
©2015 Chinatopix All rights reserved. Do not reproduce without permission
EDITOR'S PICKS
-
Did the Trump administration just announce plans for a trade war with ‘hostile’ China and Russia?
-
US Senate passes Taiwan travel bill slammed by China
-
As Yan Sihong’s family grieves, here are other Chinese students who went missing abroad. Some have never been found
-
Beijing blasts Western critics who ‘smear China’ with the term sharp power
-
China Envoy Seeks to Defuse Tensions With U.S. as a Trade War Brews
-
Singapore's Deputy PM Provides Bitcoin Vote of Confidence Amid China's Blanket Bans
-
China warns investors over risks in overseas virtual currency trading
-
Chinese government most trustworthy: survey
-
Kashima Antlers On Course For Back-To-Back Titles
MOST POPULAR
LATEST NEWS
Zhou Yongkang: China's Former Security Chief Sentenced to Life in Prison
China's former Chief of the Ministry of Public Security, Zhou Yongkang, has been given a life sentence after he was found guilty of abusing his office, bribery and deliberately ... Full Article
TRENDING STORY
-
China Pork Prices Expected to Stabilize As The Supplies Recover
-
Elephone P9000 Smartphone is now on Sale on Amazon India
-
There's a Big Chance Cliffhangers Won't Still Be Resolved When Grey's Anatomy Season 13 Returns
-
Supreme Court Ruled on Samsung vs Apple Dispute for Patent Infringement
-
Microsoft Surface Pro 5 Rumors and Release Date: What is the Latest?