WordPress 5.2.4 Security Release is Available!

https://blog.mylighthost.com/wp-content/uploads/2023/06/pexels-pixabay-265667.jpg
Posted on | Posted on MLH_sharmin

WordPress version 5.2.4 security release fixes 6 security issues that affect earlier versions of 5.2.3.

Security Updates:

  • An issue where stored XSS (cross-site scripting) could be added via the Customizer screen.
  • A bug through which you can easily view unauthenticated posts.
  • An issue which let stored XSS to inject Javascript into <style> tags.
  • A method using Vary: Origin header to poison the cache of JSON GET requests.
  • A server-side request forgery(SSRF) in the way that URLs are validated.
  • Issues related to referrer validation in the admin.

WordPress 5.2.4 is a short-cycle security release. The next major release will be version 5.3.

You can download WordPress 5.2.4 or visit Dashboard → Updates and click Update Now. Sites that support automatic background updates have already started to update automatically.

Log in to cPanel ⇒ go to the SOFTACULOUS APPS INSTALLER section of the cPanel home screen ⇒ click any of the options under Categories. In the icon list at the top right, click the icon (All Installations icon) Locate the application that you want to update and click the icon (Upgrade icon).