WordPress.org

WordPress 5.2.4 Update

Posted November 19, 2019 by Jake Spurlock. Filed under Releases, Security.

Late-breaking news on the 5.2.4 short-cycle security release that landed October 14. When we released the news post, I inadvertently missed giving props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where path traversal can lead to remote code execution.

Simon has done a great deal of work on the WordPress project, and failing to mention his contributions is a huge oversight on our end.

Thank you to all of the reporters for privately disclosing vulnerabilities, which gave us time to fix them before WordPress sites could be attacked.

See Also:

Want to follow the code? There’s a development P2 blog and you can track active development in the Trac timeline that often has 20–30 updates per day.

Want to find an event near you? Check out the WordCamp schedule and find your local Meetup group!

For more WordPress news, check out the WordPress Planet.

Categories

Subscribe to WordPress News

Join 3,022,649 other subscribers

%d bloggers like this: