WordPress v6.4.2 - Critical Vulnerability

v6.4.0 & v6.4.1 have a potential remote code execution vulnerability, when combined with other plugins.

A Remote Code Execution vulnerability that is not directly exploitable in core, however the security team feels that there is a potential for high severity when combined with some plugins, especially in multisite installs. - WordPress Team

The WordPress team has an impossible task of understanding how the core code works and integrates with thousands (millions?) of plugins! That's why it's important to update quickly (and slowly for major / minor version changes).

Subscribe to WebDev news from candland.net

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.