Let’s update! WordPress 5.4.2 is now available for the general public to test. The update rolled out yesterday as a Security and Maintenance Release. The release is for all the previous versions of WordPress. Therefore I recommend you have this update first tested and then applied to your WordPress site without delay. First of all read my step by step guide in the article on How to Manually Update A New Version Of WordPress In Your Synology NAS. mariushosting.com has already installed the latest WordPress 5.4.2

The WordPress 5.4.2 Security and Maintenance release includes 23 enhancements and 6 security fixes. The update is crucial as it includes security updates. So, go ahead and test right away!

Security Issues fixed in WordPress 5.4.2

• Issue where authenticated users with low privileges are able to add JavaScript to posts in the block editor.
• Authenticated users with upload permissions are able to add JavaScript to media files.
• An open redirect issue in wp_validate_redirect().
• An authenticated XSS issue via theme uploads.
• Issue where set-screen-option can be misused by plugins leading to privilege escalation.
• Comments from password-protected posts and pages could be displayed under certain conditions.

According to the official announcement post, WordPress 5.4.2 Security and Maintenance release is a short-cycle release and the next major release is going to be WordPress 5.5

You can check out the changelog to learn more about the changes in this release.
Note: If you have any questions regarding the WordPress official version vs WordPress Synology Package, Contact me.
Note: mariushosting has been hosted from home on a Synology NAS device since January 9, 2019.

This post was updated on Wednesday / July 21st, 2021 at 12:34 AM