缙哥哥今天后台已经可以看到WordPress 5.4.1 版本的推送了,由于涉及到安全问题,缙哥哥第一时间在备份了网站程序和数据库之后,进行了更新 WordPress 版本,同时也建议小伙伴们赶紧升级!
如果你的服务器在国内,可参考该文章升级 https://www.dujin.org/14327.html
这次 WordPress 5.4 更新的重点是有六个安全问题影响 WordPress 5.4 及更早版本;而最新版本修复了这些问题,因此建议赶紧升级。如果尚未更新到5.4,则还有5.3和更早版本的更新版本可解决安全问题。
而缙哥哥总是喜欢做一个尝鲜的人,即便《WordPress官方疑似解除对中国限制,可直接升级下载主题插件》,还是贴心的更新了最新的 WordPress 最新版本,共网络线路不稳定的人更新。
5.4.1安全更新
- Props to Muaz Bin Abdus Sattar and Jannes who both independently reported an issue where password reset tokens were not properly invalidated
翻译:密码重置令牌未正确无效。 - Props to ka1n4t for finding an issue where certain private posts can be viewed unauthenticated
翻译:某些私密文章无需身份验证即可查看。 - Props to Evan Ricafort for discovering an XSS issue in the Customizer
翻译:定制程序中的两个跨站点脚本(XSS)漏洞。 - Props to Ben Bidner from the WordPress Security Team who discovered an XSS issue in the search block
翻译:在搜索块中的XSS问题。 - Props to Nick Daugherty from WPVIP.com / WordPress Security Team who discovered an XSS issue in wp-object-cache
翻译:WordPress对象缓存中的XSS问题。 - Props to Ronnie Goodrich (Kahoots) and Jason Medeiros who independently reported an XSS issue in file uploads.
翻译:文件上传的XSS问题。 - Additionally, an authenticated XSS issue in the block editor was discovered by Nguyen the Duc in WordPress 5.4 RC1 and RC2. It was fixed in 5.4 RC5. We wanted to be sure to give credit and thank them for all of their work in making WordPress more secure.
翻译:WordPress 5.4 RC 1和2的块编辑器中的XSS问题(在5.4 RC5中修复)。
同时还做出了11点维护更新,具体可参见官方说明 https://wordpress.org/support/wordpress-version/version-5-4-1/
![缙哥哥常用运行库下载汇总[2019.1更新]](https://img.dujin.org/images/windowsyunxingku.jpg)
![大冬天来一个泳池内的花季少女摄影图[9P]-缙哥哥](https://img.dujin.org/uploads/2016/12/2016120600161.jpg)
评论前必须登录!
注册