You are here

WordPress Releases Security Update - Updated June 11, 2020

WordPress Releases Security Update - Updated June 11, 2020

Created: Thursday, June 11, 2020 - 13:40
Categories:
Cybersecurity

June 11, 2020

WordPress 5.4.1 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. CISA encourages users and administrators to review the WordPress Security and Maintenance Release and upgrade to WordPress 5.4.2. Read the advisory at CISA.

April 30, 2020

WordPress 5.4 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. CISA encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.4.1. Read the advisory at CISA.

December 13, 2019

WordPress 5.3 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. CISA encourages users and administrators to review the WordPress Security and Maintenance Release and upgrade to WordPress 5.3.1. Read the advisory at CISA.

October 15, 2019

WordPress 5.2.3 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. The DHS Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.2.4. Read the advisory at CISA.

March 14, 2019

WordPress 5.1 and prior versions are affected by a vulnerability. An attacker could exploit this vulnerability to take control of an affected website. The NCCIC encourages users and administrators to review the WordPress Security and Maintenance Release and upgrade to WordPress 5.1.1. Read the advisory at NCCIC/ICS-CERT.

October 31, 2017

WordPress versions prior to 4.8.3 are affected by a vulnerability. A remote attacker could exploit this vulnerability to obtain sensitive information. US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 4.8.3. US-CERT.

May 17, 2017

WordPress versions prior to 4.7.5 are affected by multiple vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. Users and administrators are encouraged to review the WordPress Security Release and upgrade to WordPress 4.7.5. US-CERT.

March 6, 2017

WordPress 4.7.2 and prior versions are affected by multiple vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 4.7.3. US-CERT.

February 1, 2017

On February 1, WordPress disclosed an additional vulnerability that is fixed in version 4.7.2. US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 4.7.2. US-CERT.

January 26, 2017

WordPress 4.7.1 and prior versions are affected by multiple vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 4.7.2. US-CERT.

September 16, 2016

US-CERT advises that WordPress 4.3 and prior versions contains two cross-site scripting vulnerabilities and a potential privilege escalation. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the WordPress Security and Maintenance Release and upgrade to WordPress 4.3.1. US-CERT.