{"id":3827,"date":"2015-08-04T12:10:40","date_gmt":"2015-08-04T12:10:40","guid":{"rendered":"http:\/\/wordpress.org\/news\/?p=3827"},"modified":"2022-11-18T22:53:52","modified_gmt":"2022-11-18T22:53:52","slug":"wordpress-4-2-4-security-and-maintenance-release","status":"publish","type":"post","link":"https:\/\/wordpress.org\/news\/2015\/08\/wordpress-4-2-4-security-and-maintenance-release\/","title":{"rendered":"WordPress 4.2.4 Security and Maintenance Release"},"content":{"rendered":"
WordPress 4.2.4 is now available. This is a\u00a0security release<\/strong>\u00a0for all previous versions and we strongly encourage you to update your sites immediately.<\/p>\n This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site, which were discovered by Marc-Alexandre Montpas<\/a> of Sucuri, Helen Hou-Sand\u00ed<\/a> of the WordPress security team, Netanel Rubin<\/a> of Check Point, and Ivan Grigorov<\/a>. It also includes a fix for a potential timing side-channel attack, discovered by Johannes Schmitt<\/a> of Scrutinizer, and prevents an attacker from locking a post from being edited, discovered by Mohamed A. Baset<\/a>.<\/p>\n Our thanks to those who have practiced\u00a0responsible disclosure<\/a>\u00a0of security issues.<\/p>\n WordPress 4.2.4 also fixes four\u00a0bugs.\u00a0For more information, see the\u00a0release notes<\/a>\u00a0or consult the\u00a0list of changes<\/a>.<\/p>\n Download WordPress 4.2.4<\/a>\u00a0or venture over to Dashboard \u2192 Updates and simply click \u201cUpdate Now.\u201d Sites that support automatic background updates are already beginning to update to WordPress 4.2.4.<\/p>\n Already testing WordPress 4.3? The second\u00a0release candidate is now available (zip<\/a>) and it contains these fixes. For more on 4.3, see\u00a0the RC\u00a01 announcement post<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":" WordPress 4.2.4 is now available. This is a\u00a0security release\u00a0for all previous versions and we strongly encourage you to update your sites immediately. This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site, which were discovered by Marc-Alexandre Montpas of Sucuri, Helen Hou-Sand\u00ed […]<\/p>\n","protected":false},"author":12560283,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"episode_type":"","audio_file":"","cover_image":"","cover_image_id":"","duration":"","filesize":"","date_recorded":"","explicit":"","block":"","filesize_raw":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[14,15],"tags":[164,437],"class_list":["post-3827","post","type-post","status-publish","format-standard","hentry","category-releases","category-security","tag-4-2","tag-minor-releases"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pZhYe-ZJ","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/posts\/3827","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/comments?post=3827"}],"version-history":[{"count":11,"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/posts\/3827\/revisions"}],"predecessor-version":[{"id":3843,"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/posts\/3827\/revisions\/3843"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.org\/news\/wp-json\/wporg\/v1\/users\/samuelsidler"}],"wp:attachment":[{"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/media?parent=3827"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/categories?post=3827"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wordpress.org\/news\/wp-json\/wp\/v2\/tags?post=3827"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}