FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wordpress -- XSS vulnerability

Affected packages
wordpress < 4.4.1,1
de-wordpress < 4.4.1
ja-wordpress < 4.4.1
ru-wordpress < 4.4.1
zh-wordpress-zh_CN < 4.4.1
zh-wordpress-zh_TW < 4.4.1

Details

VuXML ID fb754341-c3e2-11e5-b5fe-002590263bf5
Discovery 2016-01-06
Entry 2016-01-26
Modified 2016-03-08

Aaron Jorbin reports:

WordPress 4.4.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.4 and earlier are affected by a cross-site scripting vulnerability that could allow a site to be compromised. This was reported by Crtc4L.

[source]

References

CVE Name CVE-2016-1564
URL http://www.openwall.com/lists/oss-security/2016/01/08/3
URL https://wordpress.org/news/2016/01/wordpress-4-4-1-security-and-maintenance-release/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.