WordPress has announced version 6.4.3, an important update focused on maintenance and security improvements. This update includes five bug fixes in Core, sixteen bug fixes in the Block Editor, and two important security fixes. Due to the nature of the security improvements, WordPress strongly advises users to update their sites immediately. This release offers backward compatibility for versions 4.1 and later.
As this is a security update, you are advised to update your sites immediately.
Found Vulnerabilities
- m4tuto is a PHP File Upload bypass via Plugin Installer (requires admin privileges).
- @_s_n_t from @pentestltd working with Trend Micro Zero Day Initiative on an RCE POP Chains vulnerability.