WordPress 5.7.2 is now available.
This security release features one security fix. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated.
WordPress 5.7.2 is a short-cycle security release. The next major release will be version 5.8.
You can update to WordPress 5.7.2 by downloading from WordPress.org, or visit your Dashboard → Updates and click Update Now.
If you have sites that support automatic background updates, they’ve already started the update process.
Security Updates
One security issue affecting WordPress versions between 3.7 and 5.7. If you haven’t yet updated to 5.7, all WordPress versions since 3.7 have also been updated to fix the following security issue:
Object injection in PHPMailer, CVE-2020-36326 and CVE-2018-19296.
Thank you to the members of the WordPress security team for implementing these fixes in WordPress.
For more information refer to the version 5.7.2 HelpHub documentation page.
Thanks and props!
The 5.7.2 release was led by @peterwilsoncc and @audrasjb.
Thank you to everyone who helped make WordPress 5.7.2 happen: @audrasjb, @ayeshrajans, @desrosj, @dd32, @peterwilsoncc, @SergeyBiryukov, and @xknown.
More Stories
firefox-111.0-1.fc38
FEDORA-2023-ed41d3a922 Packages in this update: firefox-111.0-1.fc38 Update description: Update to latest upstream (111.0) Read More
firefox-111.0-1.fc37
FEDORA-2023-24b2b22eca Packages in this update: firefox-111.0-1.fc37 Update description: Update to latest upstream (111.0) Read More
redis-7.0.10-1.fc37
FEDORA-2023-86068d1187 Packages in this update: redis-7.0.10-1.fc37 Update description: Redis 7.0.10 Released Mon Mar 20 16:00:00 IST 2023 Upgrade urgency: SECURITY,...
redis-7.0.10-1.fc38
FEDORA-2023-e3e1f9dd4d Packages in this update: redis-7.0.10-1.fc38 Update description: Redis 7.0.10 Released Mon Mar 20 16:00:00 IST 2023 Upgrade urgency: SECURITY,...
USN-5965-1: TigerVNC vulnerability
It was discovered that TigerVNC mishandled TLS certificate exceptions. An attacker could use this vulnerability to impersonate any server after...
CVE-2012-10009
A vulnerability was found in 404like Plugin up to 1.0.2. It has been classified as critical. Affected is the function...