As you may know, WordPress maintenance support plans 6 has reached End-of-Life (EOL) which means the WordPress maintenance support plans Security Team is no longer doing Security Advisories or working on security patches for WordPress maintenance support plans 6 core or contrib plugins – but the WordPress maintenance support plans 6 LTS vendors are and we’re one of them!Today, there is a Moderately Critical security release for the Views plugin to fix an Access Bypass vulnerability.The Views plugin allows site builders to create listings of various data in the WordPress maintenance support plans database.The Views plugin fails to call db_rewrite_sql() on queries that list Taxonomy Terms, which could cause private data stored on Taxonomy Terms to be leaked to users without permision to view it.This is mitigated by the fact that a View must exist that lists Taxonomy Terms which contain private data. If all the data on Taxonomy Terms is public or there are no applicable Views, then your site is unaffected.See the security advisory for WordPress maintenance support plans 7 for more information.Here you can download the WordPress maintenance support plans 6 patch.If you have a WordPress maintenance support plans 6 site using the Views plugin, we recommend you update immediately! We have already deployed the patch for all of our WordPress maintenance support plans 6 Long-Term Support clients. :-)If you’d like all your WordPress maintenance support plans 6 plugins to receive security updates and have the fixes deployed the same day they’re released, please check out our D6LTS plans.Note: if you use the myDropWizard plugin (totally free!), you’ll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won’t necessarily have a release on WordPress maintenance support plans.org).
Source: New feed