WordPress 4.3 had recently released and not left the buzz. Another news flash has been made public by the developers of the WordPress Content Management System (CMS) on 04th of Aug 2015 that is the launch of the latest security update 4.2.4 of WordPress. To be precise, it’s only been a two weeks or so since the preceding security update for WordPress was released, but already new amenabilities have been traced which could be misused by malevolent hackers to spoil your website.
Here is the exposé from the advisory:
The security and maintenance release resolves six issues, counting
- Sucuri’s Marc-Alexandre Montpas, from the WordPress team of security Helen Hou-Sandí, Netanel Rubin who belongs to Check Point, and Ivan Grigorov revealed three cross-site scripting exposure and a potential SQL injection that could harm your webpage.
- Johannes Schmitt from Scrutinizer discovered a resolution for a possible timing side-channel attack
- Mohamed A. Baset discovered how to stop an intruder from accessing a content from being rewritten.
A big thanks to the contributors of Security and Maintenance WordPress 4.2.4.
The good message is that WordPress offers the alternative of automatic security updates – expectantly very few portals will be remaining without patch than the scenario which was there before two years.
Some sites might miss out the news of the up-to-the-minute security release as they do not for their own motives make use of automatic updates.
Fortuitously, manually updating WordPress is a cakewalk. Here, take a look
Go to Dashboard → Updates & tap on “Update Now.”
It is advised to the site administrators that they must review the issue queue and apply the upgrade in a timely manner.