Skip to content

ClassicPress 1.5.3
Compare
Choose a tag to compare
@mattyrob mattyrob released this 17 May 12:43
1.5.3
1ed2982

ClassicPress 1.5.3 is available now - use the "Source code (zip)" file below.

Here are the highlights from this release:

Notable changes since ClassicPress 1.5.2

This release is a maintenance and security release.

The security team would like to thank the following people for responsibly reporting vulnerabilities, and allowing them to be fixed in this release.

  • A CSRF issue updating attachment thumbnails; reported by John Blackbourn of the WordPress security team
  • A flaw allowing XSS via open embed auto discovery; reported independently by Jakub Żoczek of Securitum and during a third party security audit

More information

See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:

ClassicPress/ClassicPress@1.5.2+dev...1.5.3+dev

Assets 2
Loading