WordPress 4.0 was released 2 months back on 4th September, 2014 (Oh My Birthday 😉 ) and there were 8 security bug fix patched in security update in WordPress Version 4.0.1 on 20th November,2014. It has not only affected WordPress 4.0. It has affected other lower versions as well. Latest release fixes following vulnerabilities: 3 XSS vulnerabilities where contributor or author could compromise the site. 1 CSRF (Cross Site Request Forgery) vulnerability to trick a user to change the site password 1 addition protection has been added to check SSRF (Server Side Request Forgery) while making HTTP requests. 1 hash
↧