diff --git a/wordpress-6.2.4.tar.gz b/wordpress-6.2.5.tar.gz
similarity index 75%
rename from wordpress-6.2.4.tar.gz
rename to wordpress-6.2.5.tar.gz
index 5d75c838c09618ac71789439d424354cc004037d..81c69f85c1f6b191213663b730de8f3e313440f6 100644
Binary files a/wordpress-6.2.4.tar.gz and b/wordpress-6.2.5.tar.gz differ
diff --git a/wordpress.spec b/wordpress.spec
index 705b727f884e81164261b2e58f874aef729d20a7..ffcfedc44dd6e232ec852833d3bf83fae0ef123e 100644
--- a/wordpress.spec
+++ b/wordpress.spec
@@ -4,7 +4,7 @@
 %global wp_content %{_datadir}/wordpress/wp-content
 
 %global with_nginx 1
-%global upstream_version 6.2.4
+%global upstream_version 6.2.5
 
 Summary:    Blog tool and publishing platform
 URL:        http://www.wordpress.org
@@ -43,8 +43,6 @@ Patch5: wordpress-5.4-config.patch
 # change DISALLOW_FILE_MODS default value to true
 # ignore WP_AUTO_UPDATE_CORE (always false)
 Patch6: wordpress-5.8-noupdate.patch
-# Debian patch for jshint
-Patch8: wordpress-5.1-remove-jshint-refs.patch
 
 
 BuildArch: noarch
@@ -135,7 +133,6 @@ rm -rf wp-includes/sodium_compat
 %patch -P3 -p1
 # Adjust mediaelement not to use its SWF
 %patch -P4 -p1
-%patch -P8 -p1
 
 # We patch .js files, so minify them
 php %{SOURCE5} \
@@ -254,6 +251,10 @@ end
 %doc readme.html
 
 %changelog
+* Tue Nov 12 2024 Kaiqiang Wang <wangkaiqiang@ieisystem.com> - 6.2.5-1
+- update to 6.2.5
+- fix CVE-2024-4439
+
 * Mon May 06 2024 lidongyue <dongyue@nfschina.com> - 6.2.4-1
 - Fix CVE-2024-31210