@Jnchi
Created September 23, 2019 13:01
Validating security patches for jQuery in WordPress releases

WordPress and jQuery

WordPress v5.2.2 ships with a patched version of jQuery v1.12.4, with backports from 3.4.0; however, it is difficult to verify that the fixes have been applied.

Snyk reports two flaws for jQuery v1.12.4:

Commit: https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

Commit: https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc?diff=unified

Download WordPress 5.2.2 and decompress:

URL: file:///wordpress-5.2.2/wordpress/wp-includes/js/jquery/jquery.js

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df *wordpress-5.2.2/wordpress/wp-includes/js/jquery/jquery.js

Commit: https://github.com/WordPress/WordPress/blob/80aee4ae87343ea3990314c453793d334beb8ebb/wp-includes/js/jquery/jquery.js

/*! jQuery v1.12.4 | (c) jQuery Foundation | jquery.org/license | WordPress 2019-05-16 */

Download jQuery 1.12.4:

URL: https://code.jquery.com/jquery-1.12.4.min.js

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 *jquery-1.12.4.min.js

/*! jQuery v1.12.4 | (c) jQuery Foundation | jquery.org/license */
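The comparison above can be scripted. The following is an added example, not part of the original gist or of WordPress or jQuery: it parses the two sha256sum lines shown above, checks a file's SHA-256 against them, and reads the banner to tell the upstream build from the WordPress-stamped one. The function names are assumptions made for this example.

```python
import hashlib
import re
import sys

# sha256sum lines copied from this page ("*" marks binary mode).
PINNED = """\
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df *wordpress-5.2.2/wordpress/wp-includes/js/jquery/jquery.js
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 *jquery-1.12.4.min.js
"""

# Banner as shown on this page; the "| WordPress <date>" part is optional.
BANNER_RE = re.compile(
    r"/\*! jQuery v(?P<version>[\w.\-]+) \| \(c\) jQuery Foundation \| "
    r"jquery\.org/license(?: \| WordPress (?P<wp_date>\d{4}-\d{2}-\d{2}))? \*/"
)


def parse_manifest(text):
    """Map path -> lowercase hex digest for each sha256sum output line."""
    entries = {}
    for line in text.splitlines():
        m = re.fullmatch(r"([0-9a-fA-F]{64}) [ *](.+)", line)
        if m:
            entries[m.group(2)] = m.group(1).lower()
    return entries


def classify_banner(data):
    """Return (version, wp_date) from the file's leading banner, or None.

    wp_date is None when the banner carries no WordPress stamp (upstream build).
    """
    m = BANNER_RE.search(data[:256].decode("utf-8", errors="replace"))
    return (m.group("version"), m.group("wp_date")) if m else None


def check_file(path, data, manifest):
    """Compare the SHA-256 of data with the digest pinned for path."""
    digest = hashlib.sha256(data).hexdigest()
    return {"path": path, "sha256": digest,
            "matches_pin": manifest.get(path) == digest,
            "banner": classify_banner(data)}


if __name__ == "__main__":
    # Pass paths exactly as they appear in PINNED so the lookup succeeds.
    manifest = parse_manifest(PINNED)
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(check_file(path, fh.read(), manifest))
```

A matching digest confirms the file is byte-identical to the one examined here, and the banner identifies the WordPress build; neither shows that the two commits were actually applied.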

Resources:
