Friday, July 24, 2015

Security Release: WordPress 4.2.3

The WordPress project has just released a new version due to a security release. WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site.

They also fixed an issue that allowed the possibility for a user with Subscriber permissions to create a draft through Quick Draft.

The WordPress team strongly encourages their users to update their site to this version. For more details please check the official announcementIf you already have a running version of Bitnami WordPress, the application will automatically be updated. You can confirm that the update has been done by checking the version from your admin panel.

We have released Bitnami WordPress 4.2.3 (and Multisite version) installersvirtual machines and Amazon EC2Google, VMWare and Azure cloud images that fix these issues.

Have questions about Bitnami WordPress or the security issue? Post to our community forum, and we would be happy to help you.