WordPress Core Security Update Advisory

May 08 2024

Overview

We have released an update to address a vulnerability in WordPress Core. users of affected versions are advised to update to the latest version.

Affected Products

WordPress Core versions prior to 6.5.2

Resolved Vulnerabilities

XSS vulnerability via user display name in the avatar block in WordPress Core (CVE-2024-4439)

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

WordPress Core 6.5.2 version

Referenced Sites

[1] CVE-2024-4439 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-4439

[2] WordPress 6.5.2 Maintenance and Security Release

https://wordpress.org/news/2024/04/wordpress-6-5-2-maintenance-and-security-release/

WordPress Core Security Update Advisory

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Cisco Family Security Update Advisory

Security Update Advisory for TunnelVision Attack (CVE-2024-3661)

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Tags:

Cisco Family Security Update Advisory

Security Update Advisory for TunnelVision Attack (CVE-2024-3661)