xbiz world
xbiz premiere

WordPress Releases Critical Security Update

LOS ANGELES — Less than a week after the release of WordPress Version 4.2, a critical security update was released today — along with an admonition for all users to immediately update their installations.

Debuting on April 23, with a goal of improving WordPress’ communication, sharing and simplicity, Version 4.2, nicknamed “Powell” in honor of jazz pianist Bud Powell, offers easier ways to share content, while providing extended character support, enhanced embed options, and streamlined plugin updates.

Now, an emergency patch, Version 4.2.1, has been released to the public and is an update for all previous WordPress versions. The patch addresses a cross-site scripting vulnerability that could enable comment posters to compromise a site.

As for who is affected by this vulnerability, all WordPress-powered sites are at risk if they allow users to post comments via the integrated commenting system.

“An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts on your site, thus potentially allowing them to infect your visitors with malware, inject SEO spam or even insert backdoor in the site’s code if the code runs when in a logged-in administrator browser,” Marc-Alexandre Montpas wrote for Sucuri.net, advising WordPress site admins to “definitely disable comments on your site until a patch is [installed] to protect your site and customers.”

The unexpected update fuels critics that claim the Open Source WordPress core lacks security, but the opposite is true: As the world’s most popular publishing platform, WordPress is actively embraced by tens of thousands of developers and used in countless websites, making its underlying code perhaps the most scrutinized software on the planet. This means that vulnerabilities are revealed and mitigated far more often than those contained in proprietary systems that are only well-known to a relative handful of developers and users.

WordPress 4.2.1 is now rolling out as an automatic update for sites that support them.

To manually update an installation, download WordPress 4.2.1 or click “Update Now” from the admin Dashboard. 

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

Adult Web Hosting Service 'Midnight-Host' Launches

Midnight-Host, a new web hosting service designed specifically for adult websites, has launched.

ASN Lifestyle Magazine Joins Pineapple Support as Media Sponsor

ASN Lifestyle Magazine has joined the ranks of over 60 adult businesses and organizations committing funds and resources to Pineapple Support, partnering with the organization as a media sponsor.

Adult Industry Reacts to Trump Victory

On Tuesday, former President Donald Trump was reelected, defeating Vice President Kamala Harris to reclaim the office he lost four years ago.

Fetisfy Online Fetish Marketplace Launches

Fetisfy.com, an online marketplace for users to sell fetish items, has launched.

Pineapple Support Launches 'Spill the Tea, Colombia' Community Support Event Series

Pineapple Support has launched "Spill the Tea, Colombia," a monthly, in-person community support event for adult industry professionals.

Streamster Launches 'Tip2Peep' Camera-Switching Feature

Live-streaming software provider Streamster has launched Tip2Peep, a new feature that allows viewers to switch between multiple webcam viewing angles by tipping the creator.

Tyler Wu Guests on Chaturbate's 'Sex Tales' Podcast

Tyler Wu is the latest guest on Chaturbate’s “Sex Tales” podcast, hosted by Melissa Stratton and Vanniall on the company’s “Camming Life” YouTube channel.

Fleshy to Launch Interactive Cam Site 'Eromote'

Male pleasure brand Fleshy has announced that it will launch an interactive, bidirectional cam site next month called Eromote.

XBIZ LA Show Introduces New 'Crib Crawl' Feature

XBIZ is pleased to announce that the 2025 edition of its flagship conference, the XBIZ Show, will debut a brand-new feature: Crib Crawl, offering attendees the chance to meet and greet representatives from leading brands and organizations in dedicated suites at the host venue.

Pre-Nominations Now Open for 2025 TEAs

The pre-nomination period for the 2025 Trans Erotica Awards (TEAs) is now open.

Show More