WordPress 5.2.4 Security Release is Available!

Published by MLH_sharmin on

WordPress version 5.2.4 security release fixes 6 security issues that affect earlier versions of 5.2.3.

Security Updates:

  • An issue where stored XSS (cross-site scripting) could be added via the Customizer screen.
  • A bug through which you can easily view unauthenticated posts.
  • An issue which let stored XSS to inject Javascript into <style> tags.
  • A method using Vary: Origin header to poison the cache of JSON GET requests.
  • A server-side request forgery(SSRF) in the way that URLs are validated.
  • Issues related to referrer validation in the admin.

WordPress 5.2.4 is a short-cycle security release. The next major release will be version 5.3.

You can download WordPress 5.2.4 or visit Dashboard → Updates and click Update Now. Sites that support automatic background updates have already started to update automatically.

Log in to cPanel ⇒ go to the SOFTACULOUS APPS INSTALLER section of the cPanel home screen ⇒ click any of the options under Categories. In the icon list at the top right, click the icon (All Installations icon) Locate the application that you want to update and click the icon (Upgrade icon).



This is Sharmin Islam here, a marketing officer at MyLightHost including the responsibilities of creating and developing new innovative ways to communicate the company message to their existing customers. Contributing to the annual sales and marketing plan.

Copy link
Powered by Social Snap