Context Navigation

← Previous Ticket
Next Ticket →

#63300 closed defect (bug) (duplicate)

WordPress TinyMCE 4.9.11 version

Reported by:	praveenelevon	Owned by:
Milestone:	Awaiting Review	Priority:	normal
Severity:	critical	Version:	6.7.2
Component:	General	Keywords:
Focuses:		Cc:

Description

Hi Guys,
WordPress latest version 6.7.2 comes with TinyMCE 4.9.11 version which show vulnerability issues. How to get the vulnerability issue fixed? Why WordPress is not coming with latest version of TinyMce? Can anyone help.

Vulnerable javascript library: TinyMCE
version: 4.9.11
script uri: wp-includes/js/tinymce/tinymce.min.js?ver=49110-20201110
Details:
TinyMCE 5.1.6 provides improvement in CDATA parsing and sanitization to address a cross-site scripting (XSS) vulnerability. Please refer to vendor documentation (https://www.tiny.cloud/docs/release-notes/release-notes516/) for more information.

Change History (1)

#1 @Presskopp
5 weeks ago

Resolution set to duplicate
Status changed from new to closed

Duplicate of #47218.

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats:

Make WordPress Core