WPITECHWPITECH

    Subscribe to Updates

    Get Latest WordPress Tutorials and Updates

    What's Hot

    12 Best Ecommerce Software in 2021 & in the Future

    July 31, 2021

    Why Is My Canon Printer Not Printing Properly?

    July 31, 2021

    5 Best Google Analytics Plugins

    May 28, 2021
    Facebook Twitter Instagram
    Facebook Twitter Instagram
    WPITECH WPITECH
    Subscribe
    • Home
    • Tutorials
      • WordPress Tutorials
      • WordPress Plugin
      • WordPress Themes
      • WooCommerce
      • Ecommerce
      • PHP
    • Hosting
    • Deals
      • Hosting Deals
    • SEO TOOLS
      • Bulk Url Checker
      • Structured Data
      • Google Cache
      • Hyperlink Generator
      • Free URL Checker
    • Marketing
      • SEO
      • Advertising
    • Reviews
    • Write for Us
    • About Us
    WPITECHWPITECH
    Home » WordPress 5.2.4 Security Release
    WordPress Tutorials

    WordPress 5.2.4 Security Release

    WPITECHBy WPITECHOctober 16, 2019Updated:July 4, 2021No Comments2 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Share
    Facebook Twitter LinkedIn Pinterest Email

    WordPress 5.2.4 release with 6 new security fixes. All of those security issues were reported by the WordPress community audience. WordPress version 5.2.3 is affected by these bugs which are later fixed in WordPress version 5.2.4.

    Earlier WordPress versions from 3.7 to 5.2, all of the following issues fixed in 5.2.4 release.

    1. One of the issues where stored XSS (cross-site scripting) could be added via the Customizer.
    2. An issue through which you can easily view unauthenticated posts
    3. A bug which let stored XSS to inject Javascript into <style> tags
    4. A method using Vary: Origin header to poison the cache of JSON GET requests
    5. Server-side request forgery(SSRF) in the way that URLs are validated
    6. Bug related to referrer validation in the admin

    These are the files where code changes are placed:

     /wp-includes/functions.php
    /wp-includes/class-wp.php
     /wp-includes/class-wp-query.php
     /wp-includes/pluggable.php
     /wp-includes/http.php
     /wp-includes/rest-api.php
    

    You can find the complete code changes on GitHub.

    WordPress version 5.2.4 completely focuses on security fixes. However, some changes also notified in this release such as script loader where they remove this line of code:

    ( $scripts->add( 'wp-sanitize', "/wp-includes/js/wp-sanitize$suffix.js", array( 'jquery' ), false, 1 );
    

    It was removed and now the code above makes an extra call to wp-sanitize.js.

    Also, some other lines of code have been added in the pluggable script and redirect script to adjust the Windows path when validating the location of the relative URLs.

    If the automatic updates are turned as enabled on your WordPress, then this version may already be installed on your site. If it will not update automatically then you have to install this latest version by going to Dashboard> Updates > Update Now menu in your site’s admin area. The other way is to download WordPress from the release archive.

    WordPress 5.2.4 Security Release
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    WPITECH

    Related Posts

    9 Amazing Benefits of Using WordPress for Your Projects

    May 15, 2021

    Must have Features for WordPress Website

    February 4, 2020

    WordPress vs Squarespace: Best Comparison 2020

    January 6, 2020
    Add A Comment

    Leave A Reply Cancel Reply

    Recent Posts
    • 12 Best Ecommerce Software in 2021 & in the Future
    • Why Is My Canon Printer Not Printing Properly?
    • 5 Best Google Analytics Plugins
    • 12 Best Email List Building Tools in 2021
    • 9 Amazing Benefits of Using WordPress for Your Projects
    Recent Comments
    • 20+ Top Ecommerce Marketing Agencies To Hire for 2020 on Conversion Rate Optimization Tips to Improve Conversions and Increase Revenue
    • Hottest B2B Content Marketing Trends and Statistics in 2019 on The Ultimate Guide to Broken Link Building 2020
    • Digital Chetan on SEO 2020 Google RankBrain Algorithm GUIDE
    Editors Picks
    Top Reviews
    Advertisement
    Demo
    Facebook Twitter Instagram Pinterest Vimeo YouTube
    • Home
    © 2022 All rights reserved

    Type above and press Enter to search. Press Esc to cancel.