7/23/2015 WordPress 4.2.3 Update – Critical Security & Maintenance Release

Issue: WordPress has released an update (4.2.3). This is a critical update
Status: Update has been released.
Who is impacted? Websites running anything less than 4.2.3.

Early this morning (7/23/2015), WordPress released an update to version 4.2.3 and it is now available. We’re recommending all customers update to the latest version (WordPress 4.2.3) immediately. This is considered a critical security release for all previous versions of WordPress.

Why was this update released?

This security update corrects a cross-site scripting vulnerability, which would allow an anonymous user to exploit a site. The security release also includes a fix for an issue where it was possible for a user with “Subscriber” permissions to create a draft using Quick Draft. This new release also has roughly 20 fixes for bugs previously reported. Information on the bugs and their fixes can be seen here.

Leave a Reply