WordPress

Version: 5.4.2
Required memory: 256MB
Last updated 11 Jun 2020


What's new

  • Update WordPress to 5.4.2
  • [Release post](https://wordpress.org/news/2020/06/wordpress-5-4-2-security-and-maintenance-release/)
  • Props to Sam Thomas (jazzy2fives) for finding an XSS issue where authenticated users with low privileges are able to add JavaScript to posts in the block editor.
  • Props to Luigi – (gubello.me) for discovering an XSS issue where authenticated users with upload permissions are able to add JavaScript to media files.
  • Props to Ben Bidner of the WordPress Security Team for finding an open redirect issue in wp_validate_redirect().
  • Props to Nrimo Ing Pandum for finding an authenticated XSS issue via theme uploads.
  • Props to Simon Scannell of RIPS Technologies for finding an issue where set-screen-option can be misused by plugins leading to privilege escalation.
  • Props to Carolina Nymark for discovering an issue where comments from password-protected posts and pages could be displayed under certain conditions.


Description

This app packages WordPress 5.4.2.

This is the Managed WordPress package. Cloudron team tracks upstream WordPress releases and publishes updates. The WordPress code is read-only and you can extend WordPress using plugins.

WordPress is web software you can use to create a beautiful website or blog. We like to say that WordPress is both free and priceless at the same time.

The core software is built by hundreds of community volunteers, and when you’re ready for more there are thousands of plugins and themes available to transform your site into almost anything you can imagine. Over 60 million people have chosen WordPress to power the place on the web they call “home” — we’d love you to join the family.

Apps


Install WordPress in a few minutes on your server with Cloudron. To install Cloudron first, follow our setup steps.