Installation/Update Information
-
New To WordPress – Where to Start -
First Steps With WordPress or Upgrading WordPress Extended -
WordPress Lessons
Summary
Maintenance updates
Security updates
-
Marc Montpas of Automattic for finding a potential disclosure of user email addresses. -
Marc Montpas of Automattic for finding an RCE POP Chains vulnerability. -
Rafie Muhammad and Edouard L of Patchstack along with a WordPress commissioned third-party audit for each independently identifying a XSS issue in the post link navigation block. -
Jb Audras of the WordPress Security Team and Rafie Muhammad of Patchstack for each independently discovering an issue where comments on private posts could be leaked to other users. -
James Golovich and WhiteCyberSec for each independently identifying a way for logged in user to execute any shortcode. -
mascara7784 for identifying a XSS vulnerability in the application password screen. -
Jorge Costa of the WordPress Core Team for identifying XSS vulnerability in the footnotes block. -
s5s and raouf_maklouf for independently identifying a cache poisoning DoS vulnerability.
Credits
Changelog
List of updated packages
COMING SOON
List of Files Revised
COMING SOON