Security News > 2020 > May > Several Vulnerabilities Patched With Release of WordPress 5.4.1
2020-05-01 12:22
Several vulnerabilities, most of which have been described as cross-site scripting flaws, have been patched in WordPress this week with the release of version 5.4.1.
WordPress 5.4.1, described as a short-cycle security and maintenance release, fixes 17 bugs and 7 vulnerabilities affecting version 5.4 and earlier.
WordPress security firm Defiant has published a blog post describing each of the patched vulnerabilities and none of them appears too serious or easy to exploit.
WordPress developers mentioned that the block editor was also affected by an XSS flaw that could have been exploited by an authenticated attacker.
A majority of attacks exploit vulnerabilities in plugins and themes rather than the WordPress core.