In case you missed it, the WordPress team released WordPress 6.0.3 yesterday. Issues addressed, with credits:

- Media Library Reflected XSS via SQLi: Ben Bidner from WordPress and Marc Montpas from Automattic discovered this issue.
- Stored XSS via Customizer: Alex Concha from the WordPress team.
- Revert shared user instances introduced in 50790: Alex Concha and Ben Bidner from the WordPress team.
- Stored XSS in WordPress Core via Comment Editing: third-party security audit and Alex Concha from the WordPress team.
- Stored XSS in the search block: Alex Concha of the WP Security team.

WordPress 6.0.3 is a short-cycle release, meaning that the next major release is going to be version 6.1.

If you are interested in learning more about the security vulnerabilities that were patched in WordPress 6.0.3, you might want to check out the Vulnerability Analysis done by Wordfence.

If you have not enabled background updates or are not familiar with this feature, you can update by logging in to your WordPress Dashboard, going to Updates, and then clicking Update Now.

Thank you, WordPress team, for your hard work and for addressing these security vulnerabilities with WordPress 6.0.3.