WordPress blogs around the world began to receive an automatic security update late on April 8 to fix security vulnerabilities. The WordPress 3.8.2 and 3.7.2 updates each provide five security fixes, as well as multiple non-security bug updates.
The open-source WordPress content management system is widely deployed around the world and is used to power many of the world’s leading technology media sites. In October 2013, the company released WordPress 3.7, which provided users with an automatic update capability for important security and bug fixes. WordPress 3.8 was first released in December 2013 and received an automatic update to version 3.8.1 in January for 31 bug fixes.
The WordPress 3.8.2 and 3.7.2 updates include a fix for CVE-2014-0165, which is a privilege-escalation vulnerability that could have potentially enabled unauthorized contributors to publish posts.