WordPress Notice
WordPress 5.3 “Kirk”
12th November 2019
WordPress Notice
WordPress 5.3.1 Security and Maintenance Release
13th December 2019
Show all
WordPress Notice

Late-breaking news on the 5.2.4 short-cycle security release that landed October 14. When we released the news post, I inadvertently missed giving props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where path traversal can lead to remote code execution.

Simon has done a great deal of work on the WordPress project, and failing to mention his contributions is a huge oversight on our end.

Thank you to all of the reporters for privately disclosing vulnerabilities, which gave us time to fix them before WordPress sites could be attacked.

Original Article

Leave a Reply