What’s New In Wordpress 5.0.1 Version?

wordpress.jpg

Baymediasoft Blog

Dec 27, 2018

What’s New In Wordpress 5.0.1 Version?

Wordpress latest version 5.0.1 is now successfully launched worldwide which is basically a Security Release for all the previous versions which has been launched since WordPress 3.7.

Go ahead and update your WordPress sites as soon as possible.

This latest version fixes all the bugs which have been faced by all the previous versions of Wordpress.

There were only seven bugs that needed to be fixed, and it's all done with Wordpress 5.0.1. Let's Discuss each of the flaws one by one.

1) Creation of Unauthorized posts: Simon Scannell of PHP security company "RIPS Technologies" discovered that authors could create posts of unapproved types with extraordinarily made information.

2) Deletion of Unauthorized Files: The another one from RIPS Technologies, Karim El Ouerghemmi discovered that authors could delete the files which were not authorized to them.

3) Exposing the Sensitive data: Team YOAST discovered this bug, which revealed that an attacker could access the user activation screen for new users which resulted in the exposure of email addresses and, in some circumstances, it could also lead to the disclosure of default generated passwords.

4) Cross-Site Scripting (XSS) Vulnerability, bypassing the MIME: This flaw was Introduced by Tim Coen along with Slavco Mihajloski, which revealed that authors on Apache-hosted sites could upload individually crafted files that resulted in dodging the MIME verification.

5)  Cross-Site Scripting (XSS) Vulnerability, editing new comments: This bug was discovered by Tim Coen himself which introduces a situation where subscribers had an opportunity to edit new comments from higher-privileged users. WordPress approached this issue by eliminating the <form> tag from their HTML whitelist.

6) Cross-Site Scripting (XSS) Vulnerability, affecting plugins: This was also discovered by Tim Coen, which shows that specially crafted URL inputs result in XSS vulnerability. They don't affect Wordpress itself, but in some circumstances, plugins are certainly affected.

7) Resulting, the PHP object Injection: In the context of Wordpress, Sam Thomas introduced that contributors could alter Meta data in such a way that results in PHP object Injection. It is the vulnerability, in which two conditions meet to carry out malicious attacks.

If you haven't downloaded the version yet, you may download from WORDPRESS 5.0.1 by clicking on it.

If you are looking for developing your website over WordPress, then you are just a step away from innovative custom WordPress designs. We at Baymediasoft, let our clients interact with us and develop their Wordpress websites according to their demands.

 

Author
user-image-.png
Kamlesh Suthar

Be the first to comment!

Leave a comment

recent blogs

Checkout more of our Creative Writings

WordPress The Safest Platform For Entrep...

WordPress Is Self-possessed For Expected Growth As...

J

  • James Smith
  • |
  • 5 months ago
Wordpress Development Services

Creating Your Websites In WordPress Does Not Let Y...

J

  • James Smith
  • |
  • 5 months ago
Blockchain Technology

Blockchain Technology Is Winning Trust With Time....

S

  • Sheron Kelly
  • |
  • 5 months ago
Best WordPress Plugins For Performance O...

WordPress As A Stage Offers A Lot Of Choices For E...

J

  • James Smith
  • |
  • 8 months ago
Quick Steps To Add Header And Footer Cod...

Here We Will Be Discussing Two Methods By Which Yo...

J

  • James Smith
  • |
  • 8 months ago
A Quick Guide For Fixing 500 Internal Se...

This Internal Server Error Screen Surely Panics Ev...

K

  • Kathy Johnson
  • |
  • 8 months ago

clients

head quarter

ping us!

let's get connected