WordPress 3.8.2 released
Release Date: 2014-04-10
Criticality: Moderately Critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting
... vulnerabilities are reported in versions prior to 3.8.2.
Solution: Update to version 3.8.2.
April 8, 2014 - "WordPress 3.8.2 is now available. This is an important security release for all previous versions and we strongly encourage you to update your sites immediately. This releases fixes a weakness that could let an attacker force their way into your site by forging authentication cookies... This release also fixes nine bugs and contains three other security hardening changes..."
- https://web.nvd.nist...d=CVE-2014-0165 - 4.0
- https://web.nvd.nist...d=CVE-2014-0166 - 6.4 (HIGH)
Apr 11 2014
Impact: Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to versions 3.7.2 and 3.8.2 ...
Solution: The vendor has issued a fix (3.7.2, 3.8.2)...
Edited by AplusWebMaster, 11 April 2014 - 11:27 PM.