April 21, 2015
WordPress 4.1.2 Released – A Security Update
The fine people at WordPress have proudly released the latest update to the World’s most popular website/blogging platform* (* we think so)
This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.
They also fixed three other security issues:
- In WordPress 4.1 and higher, files with invalid or unsafe names could be uploaded.
- In WordPress 3.9 and higher, a very limited cross-site scripting vulnerability could be used as part of a social engineering attack.
- Some plugins were vulnerable to an SQL injection vulnerability.
In order to update, simply log into your wp-admin and you should be notified of the pending update.
See more here https://wordpress.org/news/2015/04/wordpress-4-1-2/
Of course, those of you on our WordPress Management scheme – this has already been done for you.
If you need help with this, or any other web related matter, get in touch now.
Let us know what you think below ….