plupload and tinymce – update to the latest version

  • Hi,

    If anyone from the WordPress dev team is reading this, just wanted to ask if there’s an official statement for WordPress not updating plupload and tinymce to the latest version. Reason is that we use WordPress on our project and the recent VAPT conducted highlighted that these two items are outdated and should be updated to the latest version to mitigate the vulnerabilities associated to the versions bundled in the latest WordPress version (6.4.3 as of this writing).

    Would like to get an official statement so I can tell the VAPT testers that these have been patched by the WordPress core dev team and can verify that the versions bundled in WordPress core is not affected by the CVEs currently circulated.

    Thanks.

    Will

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘plupload and tinymce – update to the latest version’ is closed to new replies.