WordPress Releases 6.02 Security Update to Fix Three Vulnerabilities

September 27, 2022 | | Updated: February 21, 2023

WordPress announced a security and maintenance update containing bug fixes and security patches to address three severe to medium vulnerabilities. The update downloads and installs automatically, and users need to check if the website is updated correctly and functions normally. The update has 12 fixes for the WordPress core and 5 for the block editor. There is a notable change in the Pattern Directory to make it more appealing to the theme authors by serving specific patterns related to their themes. The update fixes a high-severity SQL Injection vulnerability with administrative privileges and two other vulnerabilities called Stored Cross-Site Scripting. It also fixes yet another vulnerability not part of WordPress core – a vulnerability to a JavaScript data library called Moment, which WordPress uses.