Let’s update! WordPress 5.4.2 is now available for the general public to test. The update rolled out yesterday as a Security and Maintenance Release. The release is for all the previous versions of WordPress. Therefore I recommend you have this update first tested and then applied to your WordPress site without delay. First of all read my step by step guide in the article on How to Manually Update A New Version Of WordPress In Your Synology NAS. mariushosting.com has already installed the latest WordPress 5.4.2
The WordPress 5.4.2 Security and Maintenance release includes 23 enhancements and 6 security fixes. The update is crucial as it includes security updates. So, go ahead and test right away!
Security Issues fixed in WordPress 5.4.2
- An open redirect issue in wp_validate_redirect().
- An authenticated XSS issue via theme uploads.
- Issue where set-screen-option can be misused by plugins leading to privilege escalation.
- Comments from password-protected posts and pages could be displayed under certain conditions.
According to the official announcement post, WordPress 5.4.2 Security and Maintenance release is a short-cycle release and the next major release is going to be WordPress 5.5
You can check out the changelog to learn more about the changes in this release.