September WordPress Updates

Sep 10, 2019Blog, WordPress Maintenance0 comments

September WordPress Updates

WordPress just pushed out their latest update, 5.2.3 to fix several updates. This security and maintenance release features 29 fixes and enhancements. Plus, it adds a number of security fixes—see the list below. These bugs affect WordPress versions 5.2.2 and earlier; version 5.2.3 fixes them, so you’ll want to upgrade. This is a mid-cycle release. The next major release will be WordPress 5.3.

The Technical Stuff

Props to Simon Scannell of RIPS Technologies for finding and disclosing two issues. The first, a cross-site scripting (XSS) vulnerability found in post previews by contributors. The second was a cross-site scripting vulnerability in stored comments.
Props to Tim Coen for disclosing an issue where validation and sanitization of a URL could lead to an open redirect.
Props to Anshul Jain for disclosing reflected cross-site scripting during media uploads.
Props to Zhouyuan Yang of Fortinet’s FortiGuard Labs who disclosed a vulnerability for cross-site scripting (XSS) in shortcode previews.
Props to Ian Dunn of the Core Security Team for finding and disclosing a case where reflected cross-site scripting could be found in the dashboard.
Props to Soroush Dalili (@irsdl) from NCC Group for disclosing an issue with URL sanitization that can lead to cross-site scripting (XSS) attacks.
In addition to the above changes, we are also updating jQuery on older versions of WordPress. This change was added in 5.2.1 and is now being brought to older versions.

If your site didn’t automatically update, you can download it yourself by visiting your dashboard and go to the Updates section and click the Update Now. If you have a hosting site that supports automatic updates, then your site is probably already updated. Before you start, make sure you have a good backup in place and then update. If you need help, please feel free to contact me.

Related Blogs

Case Study: Pinkney Law Firm

April 30 2024

Pinkney Law Firm is a new law firm run by Whitney Pinkney in Lancaster, Ky. She specializes in family law along with criminal and general legal. Pinkney needs a basic website to get her name out in the community and give potential clients a way to connect with her....

Church Website. Does your church have one?

August 31 2023

In this digital age, having a well-designed church website is more important than ever. It serves as a virtual front door to your congregation, welcoming both existing members and potential visitors. A thoughtfully crafted website can enhance communication, foster...

I was most impressed that Darrell was able to take the pages from my website and get them to a point where we could take the next step to refine the pages to my ideas. I was very happy with his response to my suggestions and requests on various components of the page; images, text, etc.

After updating my site, he took some time to show me how to do my own editing and use the tools he put into place. Kudos, Mr. Jordan!

Michael Beall
Jordan Web Solutions does a fantastic job of not only illustrating content, but also making sure to use phrases and words that will get your site to pop up in search engines. Professional, knowledgable, and quick. I would recommend them to anyone.

David Kibler
Darrell listened to what I wanted and designed the web site accordingly. He worked with us making changes as the site developed. He also had good suggestions and provided the instruction I needed.

Rick Mordoff
Darrell was extremely creative, he had a lot of ideas for my website, which was fantastic because I didn't really know what was possible, or what exactly I wanted. He filled in a lot of gaps! He was also extremely patient with me, since I am not as tech savvy as some. I would definitely work with him again!

AJ Mortara
Darrell Jordan has designed and maintained our church website for the past several years. Darrell is creative, efficient, and very accommodating. He has gone “above and beyond” to give us exactly what we’re looking for. I recommend him highly!

Mark Jones
I’ve worked with Darrell for nearly 7 years. He has hosted several of my business websites, and I have recommended him to several family members and friends. He is professional, and very accessible, which is important when you need help with a business website. Much better than working with a large, faceless corporation.

Feoshia Davis
I want to thank you for the work you did building us a new website. We are very pleased. The site looks so good. We are proud to call it our’s. I appreciate how agreeable you were to work with. You didn’t make us feel dumb because we knew so little about what we were doing. Thanks for that. Our new website is going to serve us for years to come. Once again, thank you.

Stephen Hobbs