WordPress 4.2.4 Security and Maintenance Release

WordPress announced today a security and maintenance release to version 4.2.4. This release fixes a number of vulnerabilities uncovered by WordPress security experts.

From WordPress.org WordPress 4.2.4 Security and Maintenance release.:

This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site, which were discovered by Marc-Alexandre Montpas of Sucuri, Helen Hou-Sandí of the WordPress security team, Netanel Rubin of Check Point, and Ivan Grigorov. It also includes a fix for a potential timing side-channel attack, discovered by Johannes Schmitt of Scrutinizer, and prevents an attacker from locking a post from being edited, discovered by Mohamed A. Baset.

Please update your WordPress sites immediately. Download WordPress 4.2.4 or click “Update” in your Dashboard admin panel. Always backup before upgrading.

WordPress 4.2.4 also fixes four bugs. View the release notes or consult the list of changes.

Want to Try AIOSEO for Free?

Enter the URL of your WordPress website to install AIOSEO Lite.

Please enable JavaScript in your browser to complete this form.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. We only recommend products that we believe will add value to our readers.

author avatar
Tony Zeoli
Tony Zeoli is Director, Digital Marketing for Semper Plugins and All In One SEO Pack. While not managing social media and email communications, Tony loves to DJ on his radio show, the Asheville House Music Society on Ashevillefm.org (103.3-LP FM) in Asheville, NC.

Add a Comment

We're glad you have chosen to leave a comment. Please keep in mind that all comments are moderated according to our privacy policy, and all links are nofollow. Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.