WordPress community, on Tuesday, unveiled version 4.9.2, which is a security and maintenance release, applicable to all WordPress versions above 3.7.
The latest WordPress version includes fixes to a ‘cross site scripting (XSS)’ vulnerability which was discovered in Flash fallback files in “MediaElement 4.x” library. The MediaElement library in WordPress is for enhanced audio and video playback.
WordPress updated the MediaElement library and removed the Flash fallbacks from it, because of its decreased demand and history of security problems.
The WordPress 4.9.2 improves the design process, and provides better code error checking function and code syntax highlighting for a fluid site experience.
In October 2017, an SQL injection vulnerability was found in WordPress 4.8.2 and older versions, which could lead to website hacking. This was a major security attack and WordPress had to release version 4.8.3 with security updates.
When WordPress development team had released version 4.9 in November last year, they had named it WordPress 4.9 ‘Tipton’, to honor American jazz musician and bandleader, Billy Tipton.
Users can upgrade to latest version using the Updates option in WordPress Dashboard. Sites with automatic background updates will update automatically.