WordPress 3.9.6; 3.8.8 and 3.7.8 have a critical XSS vulnerability?
-
Hello
These versions still have the files
wp-content/themes/twentyfourteen/genericons/example.html (not deleted in 3.9.6 and 3.8.8)
While the discoverer of the vulenrability says that these files must be deleted: Netsparker Web Scanner Automatically Identifies DOM XSS Vulnerability in WordPress Default ThemeIn addition, these versions are available in french from the fault of 27 April 2015. Here is what they correct the fault of May 6, 2015?
In fact, the source code for 3.7.8; 3.8.8 and 3.9.6 is unchanged since April 27, 2015, so normally, these versions do not correct the fault of May 6, 2015.
The French versions of 3.9.6; 3.8.8 and 3.7.8 have published 28 April 2015: Are 3.7.8, 3.8.8 and 3.9.6 security releases going to be released?
Sorry for my bad English, I am using Bing translator.
- The topic ‘WordPress 3.9.6; 3.8.8 and 3.7.8 have a critical XSS vulnerability?’ is closed to new replies.