{"id":"MGASA-2015-0202","summary":"Updated wordpress packages fix security vulnerabilities","details":"Updated wordpress packages fixes security vulnerabilities:\n\nThe wordpress package has been updated to version 3.9.6, which fixes multiple\ncross-site scripting issues, including CVE-2015-3440, and other bugs.\n\nNote that upstream has advised us that WordPress 3.9.x is no longer supported.\nAs this package is unmaintained, this may be the last update for this package.\nDownloading the latest version from upstream and using that, as well as making\nuse of its aut-update capability, may be preferrable to using this package.\n","modified":"2026-04-16T06:24:55.866309248Z","published":"2015-05-08T23:54:13Z","upstream":["CVE-2015-3440"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0202.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=15786"},{"type":"WEB","url":"http://codex.wordpress.org/Version_3.9.5"},{"type":"WEB","url":"http://codex.wordpress.org/Version_3.9.6"}],"affected":[{"package":{"name":"wordpress","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/wordpress?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.9.6-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0202.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}