Register Free Account

Register Me

Attention! WordPress 4.2.2 Security and Maintenance Release

WordPress 4.2.2 is available from May 7, 2015. WordPress got some bugs fixed in the new release and also they removed XSS-vulnerability concerning the Genericons icon font package. This package contained an HTML file which could let a a hacker inject code into Javascript, and, by doing this they could see the visitors cookies and get access to the admin panel.



Now WordPress 4.2.2 searches for these HTML-files and removes them. However, the search is performed only in wp-content/plugins and wp-content/themes, which is why we recommend you to check all root directory, for example via SSH:

find /path/to/wordpress -name example.html

Apart from this, other bugs from the previous versions of WordPress were fixed as well.

To see the full list of WordPress updates, click here .

If your WordPress website hasn’t updated to WordPress 4.2.2 automatically, you can do this manually in the admin panel: Dashboard → Updates and click ‘Update now’.

No Comments Yet.

Leave a comment

You must be Logged in to post a comment.