The WordPress 4.2.1 WordPress 4.2 security update (WordPress XNUMX) was released. As we mentioned earlier Publication, a cross-site scripting (XSS) vulnerability has been released recently for the latest version of WordPress 4.2 and can be exploited by a malicious user to run arbitrary code on the server hosting the software.
Το ελάττωμα ασφάλειας ήταν μέχρι και πριν από λίγο unpatched από τον επίσημο διανομέα του λογισμικού ενώ κυκλοφορεί το PoC ελεύθερα στο διαnetwork.
You can read more from here
The new version WordPress 4.2.1 she is available for download, or if you wish you can upgrade directly from the WordPress administration panel.
The official announcement of the new version states:
WordPress 4.2.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.
A few hours ago, the WordPress team was made aware of a cross-site scripting vulnerability, which could enable commenters to compromise a site. The vulnerability was discovered by Jouko Pynnönen.
It would be good to upgrade immediately…