No Image

WordPress 4.3.1 Security and Maintenance Release

2015-09-16 KENNETH 0

WordPress 4.3.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. This release addresses three issues, including two cross-site scripting vulnerabilities and a potential privilege escalation. WordPress versions 4.3 and earlier are vulnerable to a cross-site scripting vulnerability when processing shortcode tags (CVE-2015-5714). Reported by Shahar Tal and Netanel Rubin of Check Point. A separate cross-site scripting vulnerability was found in the user list table. Reported by Ben Bidner of the WordPress security team. Finally, in certain cases, users without proper permissions could publish private posts and make them sticky (CVE-2015-5715). Reported by Shahar Tal and Netanel Rubin of Check Point. Our thanks to those who have practiced responsible disclosure of security issues. WordPress 4.3.1 also fixes twenty-six bugs. For more information, see the release notes or consult the list of changes. Download WordPress 4.3.1 or venture over to Dashboard [ more… ]

WordPress 4.3 “Billie”

2015-08-19 KENNETH 0

Version 4.3 of WordPress, named “Billie” in honor of jazz singer Billie Holiday, is available for download or update in your WordPress dashboard. New features in 4.3 make it even easier to format your content and customize your site. Menus in the Customizer Create your menu, update it, and assign it, all while live-previewing in the customizer. The streamlined customizer design provides a mobile-friendly and accessible interface. With every release, it becomes easier and faster to make your site just the way you want it. Formatting Shortcuts //s.w.org/images/core/4.3/formatting.mp4 Your writing flow just got faster with new formatting shortcuts in WordPress 4.3. Use asterisks to create lists and number signs to make a heading. No more breaking your flow; your text looks great with a * and a #. Site Icons   Site icons represent your site in browser tabs, bookmark [ more… ]

No Image

WordPress 4.2.4 Security and Maintenance Release

2015-08-05 KENNETH 0

출처 : https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/ WordPress 4.2.4 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site, which were discovered by Marc-Alexandre Montpas of Sucuri, Helen Hou-Sandí of the WordPress security team, Netanel Rubin of Check Point, and Ivan Grigorov. It also includes a fix for a potential timing side-channel attack, discovered by Johannes Schmitt of Scrutinizer, and prevents an attacker from locking a post from being edited, discovered by Mohamed A. Baset. Our thanks to those who have practiced responsible disclosure of security issues. WordPress 4.2.4 also fixes four bugs. For more information, see the release notes or consult the list of changes. Download WordPress 4.2.4 or venture over to Dashboard → Updates and simply click “Update [ more… ]

No Image

WordPress 4.2.4 Security and Maintenance Release

2015-08-04 KENNETH 0

WordPress 4.2.4 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site, which were discovered by Marc-Alexandre Montpas of Sucuri, Helen Hou-Sandí of the WordPress security team, Netanel Rubin of Check Point, and Ivan Grigorov. It also includes a fix for a potential timing side-channel attack, discovered by Johannes Schmitt of Scrutinizer, and prevents an attacker from locking a post from being edited, discovered by Mohamed A. Baset. Our thanks to those who have practiced responsible disclosure of security issues. WordPress 4.2.4 also fixes four bugs. For more information, see the release notes or consult the list of changes. Download WordPress 4.2.4 or venture over to Dashboard → Updates and simply click “Update Now.” Sites [ more… ]

No Image

WordPress 4.3 Release Candidate

2015-07-30 KENNETH 0

The release candidate for WordPress 4.3 is now available. We’ve made more than 100 changes since releasing Beta 4 a week ago. RC means we think we’re done, but with millions of users and thousands of plugins and themes, it’s possible we’ve missed something. We hope to ship WordPress 4.3 on Tuesday, August 18, but we need your help to get there. If you haven’t tested 4.3 yet, now is the time! Think you’ve found a bug? Please post to the Alpha/Beta support forum. If any known issues come up, you’ll be able to find them here. To test WordPress 4.3 RC1, you can use the WordPress Beta Tester plugin or you can download the release candidate here (zip). For more information about what’s new in version 4.3, check out the Beta 1, Beta 2, Beta 3, and Beta 4 blog [ more… ]