WordPress Security & Maintenance Update 4.3.1
WordPress Security Update Overview
WordPress 4.3.1 is now available. This is a WordPress security release for all previous versions and we are currently busy updating files for our clients.
This WordPress Security Update addresses three issues, including two cross-site scripting vulnerabilities and a potential privilege escalation.
WordPress Security Update
- WordPress versions 4.3 and earlier are vulnerable to a cross-site scripting vulnerability when processing shortcode tags (CVE-2015-5714). Reported by Shahar Tal and Netanel Rubin of Check Point.
- A separate cross-site scripting vulnerability was found in the user list table. Reported by Ben Bidner of the WordPress security team.
- Finally, in certain cases, users without proper permissions could publish private posts and make them sticky (CVE-2015-5715). Reported by Shahar Tal and Netanel Rubin of Check Point.
WordPress 4.3.1 also fixes twenty-six bugs. For more information, see the full WordPress Security & Maintenance 4.3.1 Update article.
If you would like WPWSS to manage your WordPress Security please read about our WordPress Security Solutions below:
If you have any questions about your WordPress Security then please feel free ask your questions below using our live chat facility or send us an email.
Or why not subscribe to our RSS Feed and get notified straight away about new WordPress Updates, remember out of date WordPress Core files is your invitation to get hacked.
Always act upon the latest WordPress Security Update.
We love talking WordPress Security whether you are a customer or not.