CVE-2018-3632 is a security vulnerability in the WordPress media management system. An attacker can exploit this issue to obtain access to the site media via the media manager or a plugin that uses the media manager. WordPress version 4.9.5 is vulnerable, 4.9.6 is not vulnerable. GPC has assigned the following CVE identifier: CVE-2018-3632. This issue was resolved in version 2.1.5. This issue was resolved in version 2.1.5. You can upgrade to the latest version here: You can upgrade to the latest version here: https://wordpress.org/news/latest-release/. - FIXED: GPC-FIXED: In some instances, when a membership site was upgraded from WP 3.7.1 to WP 3.7.2, members could not login. This was due to a change in the way that the upgrade process handles the WP_LOGOUT_REDIRECT_URI setting. - FIXED: GPC-FIXED: In some instances, when a membership site was upgraded from WP 3.7.1 to WP 3.7.2, members could not login. This was due to a change in the way that the upgrade process handles the WP_LOGOUT_REDIRECT_URI setting. - FIXED: GPC-FIXED: In some instances, when a membership site was upgraded from WP 3.7.1 to WP 3.7.2
WP Version 3.7.2
The latest version of WordPress is 3.7.2, which was released on November 15, 2018. This release fixes a remote code execution vulnerability in the media manager that could have allowed an attacker to gain access to your site's media files via your media manager or a plugin that uses the media manager.
What’s new in WordPress 3.8.0?
WordPress 3.8.0 comes with a ton of new features and improvements. Check out the release notes to see what this release has in store for you: https://wordpress.org/news/release-notes/3.8/.
Timeline
Published on: 10/19/2022 14:15:00 UTC
Last modified on: 10/20/2022 20:45:00 UTC