This is no longer the latest release of ClassicPress!
We’re happy to announce the release of ClassicPress 1.4.3.
This release contains security fixes to match the security changes in WordPress versions 6.0.2 and 4.9.21 (both released earlier this week). It is available now.
- Fariskhi Vidyan for finding a possible SQL injection within the Link API.
- Khalilov Moe for finding an XSS vulnerability on the Plugins screen.
-
John Blackbourn of the WordPress security team, for finding an output escaping issue within
the_meta().
For new features as compared to 1.4.2 and older releases of ClassicPress, please see the version 1.4.2 release notes.
If your ClassicPress site has automatic updates enabled (the default configuration), then the new version will be installed automatically. Otherwise, we recommend upgrading your site(s) to 1.4.3 to receive all latest fixes and updates.
Download this release
| New sites | DownloadClassicPress-release-1.4.3.zipand follow the installation instructions. |
|---|---|
| Existing WordPress sites | Download the migration plugin and follow the migration instructions. |
| Existing ClassicPress sites | Use the built-in update mechanism (more info). |
Full changelog
The full changelog is available on GitHub.