edit-icon download-icon

[Vulnerability notice] Storage-type XSS and other critical vulnerabilities in WordPress version 4.2 and earlier versions

Last Updated: Nov 23, 2017

Description

WordPress 4.2 and earlier versions have multiple security vulnerabilities, including a storage-type XSS vulnerability that can be triggered by a comment from an anonymous user.

Affected versions

WordPress <= 4.2

Fix

Update WordPress to the latest version.

Note: To ensure normal business operation, conduct a test in the test environment first before upgrading the software.

Thank you! We've received your feedback.