Hello Craig,

while I was preparing a Wordpress update for Jessie I discovered that
CVE-2018-14028 has not been fixed yet. The upstream ticket is still open

https://core.trac.wordpress.org/ticket/44710

and there was no mention of a fix in the release changelog of version 4.9.8.

https://wordpress.org/support/wordpress-version/version-4.9.8/

I believe it is best to keep this bug report open until upstream closes
44710 eventually.

Regards,

Markus





Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to