=====================================================================

                           CERT-Renater

               Note d'Information No. 2015/VULN060
_____________________________________________________________________

DATE                : 30/04/2015

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running WordPress versions prior to 4.2.1.

======================================================================
https://wordpress.org/news/2015/04/wordpress-4-2-1/
______________________________________________________________________

WordPress 4.2.1 Security Release

Posted April 27, 2015 by Gary Pendergast. Filed under Releases,
Security.

WordPress 4.2.1 is now available. This is a critical security release
for all previous versions and we strongly encourage you to update your
sites immediately.

A few hours ago, the WordPress team was made aware of a cross-site
scripting vulnerability, which could enable commenters to compromise a
site. The vulnerability was discovered by Jouko Pynnönen.

WordPress 4.2.1 has begun to roll out as an automatic background
update, for sites that support those.

For more information, see the release notes or consult the list of
changes.

Download WordPress 4.2.1 or venture over to Dashboard → Updates and
simply click “Update Now”.


=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================