By Month

Aug 2022
Dec 2020
May 2020
Feb 2020
Jan 2020
Sept 2018
Jul 2018
Apr 2018
Dec 2017
Oct 2017
Older Announcements...
View RSS Feed

  By Month

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket

https://wordpress.org/news/2015/05/wordpress-4-2-2/

  • Sunday, 10th May, 2015
  • 09:23am

Hi All

We have been experiencing server issues which have been tracked back to this problem with Wordpress

If you have a wordpress site on our server please login ASAP and update Wordpress and any plugins. If you fail to do this your website will be shut down over the next few days and may be removed totally from our servers.

This is causing issues for all clients on the server and needs addressing ASAP

If Blue Sky Creative manage your website on Security updates you do not need to do anything as this will be double checked over today and tomorrow.

This problem has been effecting our MySql Server

Info about this issue is here on Wordpress website https://wordpress.org/news/2015/05/wordpress-4-2-2/



WordPress 4.2.2 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.

Version 4.2.2 addresses two security issues:

  • The Genericons icon font package, which is used in a number of popular themes and plugins, contained an HTML file vulnerable to a cross-site scripting attack. All affected themes and plugins hosted on WordPress.org (including the Twenty Fifteen default theme) have been updated today by the WordPress security team to address this issue by removing this nonessential file. To help protect other Genericons usage, WordPress 4.2.2 proactively scans the wp-content directory for this HTML file and removes it. Reported by Robert Abela of Netsparker.
  • WordPress versions 4.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. WordPress 4.2.2 includes a comprehensive fix for this issue. Reported separately by Rice Adu and Tong Shi from Baidu[X-team].

The release also includes hardening for a potential cross-site scripting vulnerability when using the visual editor. This issue was reported by Mahadev Subedi.

Our thanks to those who have practiced responsible disclosure of security issues.

WordPress 4.2.2 also contains fixes for 13 bugs from 4.2. For more information, see the release notes or consult the list of changes.

Download WordPress 4.2.2 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.2.2.


Any problems please get in touch via our Facebook or twitter page

Regards

Blue SKy Creative

« Back

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket