Late-breaking news on the 5.2.4 short-cycle security release that landed October 14. When we released the news post, I inadvertently missed giving props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where path traversal can lead to remote code execution.
Simon has done a great deal of work on the WordPress project, and failing to mention his contributions is a huge oversight on our end.
Thank you to all of the reporters for privately disclosing vulnerabilities, which gave us time to fix them before WordPress sites could be attacked.
More Stories
OpenIPMI-2.0.36-1.fc41
FEDORA-2025-ae55d50be2 Packages in this update: OpenIPMI-2.0.36-1.fc41 Update description: Update to 2.0.36 Fixes CVE-2024-42934 Read More
chromium-134.0.6998.88-3.fc42
FEDORA-2025-6b9cbdbdff Packages in this update: chromium-134.0.6998.88-3.fc42 Update description: Update to 134.0.6998.88 High CVE-2025-1920: Type Confusion in V8 High CVE-2025-2135: Type...
jupyterlab-4.3.6-1.fc41
FEDORA-2025-e50201543b Packages in this update: jupyterlab-4.3.6-1.fc41 Update description: Update to 4.3.6 (rhbz#2352545) Read More
jupyterlab-4.3.6-1.fc40
FEDORA-2025-1d68ba6806 Packages in this update: jupyterlab-4.3.6-1.fc40 Update description: Update to 4.3.6 (rhbz#2352545) Read More
MS-ISAC CYBERSECURITY ADVISORY – Multiple Vulnerabilities in Sante PACS Server Could Allow for Remote Code Execution – PATCH NOW – TLP: CLEAR
Multiple vulnerabilities have been discovered in Sante PACS Server, the most severe of which could allow for remote code execution....
dotnet8.0-8.0.114-1.fc40
FEDORA-2025-83c147615e Packages in this update: dotnet8.0-8.0.114-1.fc40 Update description: This is the monthly update for .NET for March 2025. Release Notes:...