WordPress 5.2.4 Update

Read Time:29 Second

Late-breaking news on the 5.2.4 short-cycle security release that landed October 14. When we released the news post, I inadvertently missed giving props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where path traversal can lead to remote code execution.

Simon has done a great deal of work on the WordPress project, and failing to mention his contributions is a huge oversight on our end.

Thank you to all of the reporters for privately disclosing vulnerabilities, which gave us time to fix them before WordPress sites could be attacked.

SEC SIM Swapper Gets 14 Months for X Account Hijack

Legal Aid Agency Admits Major Breach of Applicant Data

#Infosec2025: How CISOs Can Stay Ahead of Evolving Cloud Threats

Friday Squid Blogging: Pet Squid Simulation

Communications Backdoor in Chinese Power Inverters

US Officials Impersonated Via SMS and Voice Deepfakes

Prescription for disaster: Sensitive patient data leaked in Ascension breach

UK Cyber Vacancies Growing 12% Per Year

Russian Espionage Operation Targets Organizations Linked to Ukraine War

openssh-9.9p1-11.fc42

openssh-9.9p1-4.fc41

DSA-5922-1 firefox-esr – security update

DSA-5923-1 net-tools – security update

iputils-20240905-4.fc41

iputils-20240905-4.fc42