Thursday, May 7, 2015

Security release: WordPress 4.2.2

The WordPress project has just released a new version that fixes two security issues. The issues are explained below:
  • The Genericons icon font package contained an HTML file vulnerable to a cross-site scripting attack 
  • WordPress versions 4.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site 
We have released Bitnami WordPress 4.2.2 (and Multisite version) installers, virtual machines and Amazon EC2, Google and Azure cloud images that fix these issues.

If you already have a running version of Bitnami WordPress, the application will be automatically updated. You can confirm that the update has been done by checking the version from your admin panel.

To learn more about these security issues, you can read about them further on the WordPress blog. Have questions about Bitnami WordPress? Post to our community forum, and we would be happy to help you.