WordPress Security Release 4.2.4

WordPress has released version 4.2.4. This security release fixes 3 cross-site-scripting (XSS) vulnerabilities and a possible SQL injection exploit.

In addition the update also fixes a few general bugs in the software:

  • A fix for characters not being saved correctly when a non-standard database┬ácollation is used
  • A fix for the core not type-checking directory listings using glob()
  • A fix for shortcodes not working when they are added at the beginning of an HTML element (e.g. <[my-shortcode ...] >)
  • A fix for shortcodes removing line returns inside of CDATA content blocks

WordPress is the open-source blogging and publishing software originally developed by Autoattic who handed off the software and copyrights to the WordPress Foundation, a charitable organization the supports WordPress and related plugins.

https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/

Leave a Reply

Your email address will not be published. Required fields are marked *