edit-icon download-icon

[Vulnerability notice] Storage-type XSS and other critical vulnerabilities in WordPress version 4.2 and earlier versions

Last Updated: Nov 23, 2017


WordPress 4.2 and earlier versions have multiple security vulnerabilities, including a storage-type XSS vulnerability that can be triggered by a comment from an anonymous user.

Affected versions

WordPress <= 4.2


Update WordPress to the latest version.

Note: To ensure normal business operation, conduct a test in the test environment first before upgrading the software.

Thank you! We've received your feedback.