Updated wordpress package fixes security vulnerabilitiesPublication date: 27 Jul 2015
Affected Mageia releases : 4
CVE: CVE-2015-5622 , CVE-2015-5623
WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site (CVE-2015-5622). WordPress versions 4.2.2 and earlier are affected by an issue where it was possible for a user with Subscriber permissions to create a draft through Quick Draft (CVE-2015-5623).