WordPress 5.5.2 Safety and also Upkeep Launch – San Francisco

WordPress 5.5.2 Safety and also Upkeep Launch – San Francisco

WordPress 5.5.2 is currently offered!

This protection and also upkeep launch functions 14 bug fixes along with 10 protection repairs. Since this is a protection launch, it is advised that you upgrade your websites quickly. All variations because WordPress 3.7 have actually likewise been upgraded.

WordPress 5.5.2 is a short-cycle protection and also upkeep launch. The following significant launch will certainly be variation 5.6.

You can download and install WordPress 5.5.2 by downloading and install from WordPress.org, or see your Control panel → Updates and also click Update Currently.

If you have websites that sustain automated history updates, they have actually currently begun the upgrade procedure.

Safety Updates

10 protection problems influence WordPress variations 5.5.1 and also earlier. If you have not yet upgraded to 5.5, all WordPress variations because 3.7 have actually likewise been upgraded to repair the list below protection problems:

  • Props to Alex Concha of the WordPress Safety Group for their operate in solidifying deserialization demands.
  • Props to David Binovec on a solution to disable spam installs from impaired websites on a multisite network.
  • Many Thanks to Marc Montas from Sucuri for reporting a concern that can result in XSS from international variables.
  • Many Thanks to Justin Tran that reported a concern bordering opportunity rise in XML-RPC. He likewise discovered and also divulged a concern around opportunity rise around blog post commenting through XML-RPC.
  • Props to Omar Ganiev that reported a technique where a DoS strike can result in RCE.
  • Many Thanks to Karim El Ouerghemmi from RIPS that divulged a technique to shop XSS in blog post slugs.
  • Many Thanks to Slavco for reporting, and also verification from Karim El Ouerghemmi, a technique to bypass secured meta that can result in approximate data removal.
  • Many Thanks to Erwan LR from WPScan that properly divulged a technique that can result in CSRF.
  • And also an unique many thanks to @zieladam that was important in most of the launches and also spots throughout this launch.

Thanks to every one of the press reporters forprivately disclosing the vulnerabilities This offered the protection group time to repair the susceptabilities prior to WordPress websites can be struck.

For additional information, surf the full list of changes on Trac, or look into the version 5.5.2 HelpHub documentation page.

Many thanks and also props!

The 5.5.2 launch was led by @whyisjake and also the complying with launch team:@audrasjb, @davidbaumwald, @desrosj, @johnbillion, @metalandcoffee, @noisysocks @planningwrite, @sarahricker and also @sergeybiryukov

Along with the protection scientists and also launch team participants stated over, thanks to everybody that aided make WordPress 5.5.2 take place:

Aaron Jorbin, Alex Concha, Amit Dudhat, Andrey “Rarst” Savchenko, Andy Fragen, Ayesh Karunaratne, bridgetwillard, Daniel Richards, David Baumwald, Davis Shaver, dd32, Florian TIAR, Hareesh, Hugh Lashbrooke, Ian Dunn, Igor Radovanov, Jake Spurlock, Jb Audras, John Blackbourn, Jonathan Desrosiers, Jon Brown, Joy, Juliette Reinders Folmer, kellybleck, mailnew2ster, Marcus Kazmierczak, Marius L. J., Milan Dinić, Mohammad Jangda, Mukesh Panchal, Paal Joachim Romdahl, Peter Wilson, Regan Khadgi, Robert Anderson, Sergey Biryukov, Sergey Yakimov, Syed Balkhi, szaqal21, Tellyworth, Timi Wahalahti, Timothy Jacobs, Towhidul I. Chowdhury, Vinayak Anivase, and also zieladam.

Cogknockers is a San Francisco WordPress Development Agency with 20+ Years Experience.  WordPress Design is at the core of our services.

Share this post

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email

Recent News


Scroll to Top