ArchLinux: 201601-2: wordpress: cross-side scripting
Summary
A cross-site scripting vulnerability has been discovered that could allow a site to be compromised.
Resolution
Upgrade to 4.4.1-1.
# pacman -Syu "wordpress>=4.4.1-1"
The problem has been fixed upstream in version 4.4.1.
References
https://access.redhat.com/security/cve/CVE-2016-1564 https://wordpress.org/news/2016/01/wordpress-4-4-1-security-and-maintenance-release/ https://core.trac.wordpress.org/changeset/36185
Workaround
None.