WordPress 6.5.5 Security Release Now Available

WordPress 6.5.5 Security Release

In case you missed it, WordPress 6.5.5 Security Release was made available earlier today by the WordPress dev team.

This is a minor release but it being a security release, it’s imperative that every WordPress site must be updated immediately for the site’s protection and the user’s peace of mind.

Security updates included in WordPress 6.5.5

Here are the reported vulnerabilities that were fixed in this release:

  • A cross-site scripting (XSS) vulnerability affecting the HTML API reported by Dennis Snell of the WordPress Core Team, along with Alex Concha and Grzegorz (Greg) Ziółkowski of the WordPress security team.
  • A cross-site scripting (XSS) vulnerability affecting the Template Part block reported independently by Rafie Muhammad of Patchstack and during a third party security audit.
  • A path traversal issue affecting sites hosted on Windows reported independently by Rafie M & Edouard L of Patchstack, David Fifield, x89, apple502j, and mishre.

You can download WordPress 6.5.5 directly from the official WordPress site, or head over to your WordPress Dashboard, click on “Updates“, then click on “Update Now“. If you have enabled automatic updates, then you don’t have to do anything as it update process will be done automatically.

WordPress 6.5.5 is a short-cycle release. The next major release will be version 6.6 which is scheduled for July 16, 2024.

Kudos to the WordPress dev team, community members, as well as the various individuals who reported the vulnerabilities fixed in this release.

What are you waiting for? Unless you have automatic updates enabled, you should update to WordPress 6.5.5 ASAP!

This post may contain affiliate links that allow us to earn commissions at no additional cost to you. We are reader-supported so when you buy through the affiliate links, you are also helping or supporting us. 

Leave a Reply

Your email address will not be published. Required fields are marked *

JaypeeOnline