xbiz world
xbiz premiere

WordPress Releases Critical Security Update

LOS ANGELES — Less than a week after the release of WordPress Version 4.2, a critical security update was released today — along with an admonition for all users to immediately update their installations.

Debuting on April 23, with a goal of improving WordPress’ communication, sharing and simplicity, Version 4.2, nicknamed “Powell” in honor of jazz pianist Bud Powell, offers easier ways to share content, while providing extended character support, enhanced embed options, and streamlined plugin updates.

Now, an emergency patch, Version 4.2.1, has been released to the public and is an update for all previous WordPress versions. The patch addresses a cross-site scripting vulnerability that could enable comment posters to compromise a site.

As for who is affected by this vulnerability, all WordPress-powered sites are at risk if they allow users to post comments via the integrated commenting system.

“An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts on your site, thus potentially allowing them to infect your visitors with malware, inject SEO spam or even insert backdoor in the site’s code if the code runs when in a logged-in administrator browser,” Marc-Alexandre Montpas wrote for Sucuri.net, advising WordPress site admins to “definitely disable comments on your site until a patch is [installed] to protect your site and customers.”

The unexpected update fuels critics that claim the Open Source WordPress core lacks security, but the opposite is true: As the world’s most popular publishing platform, WordPress is actively embraced by tens of thousands of developers and used in countless websites, making its underlying code perhaps the most scrutinized software on the planet. This means that vulnerabilities are revealed and mitigated far more often than those contained in proprietary systems that are only well-known to a relative handful of developers and users.

WordPress 4.2.1 is now rolling out as an automatic update for sites that support them.

To manually update an installation, download WordPress 4.2.1 or click “Update Now” from the admin Dashboard. 

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

Open Mind AI Seeks Inclusion in EU's AI Debate

New European industry initiative Open Mind AI has penned a letter asking EU authorities to include adult companies and creators in ongoing discussions on setting up a legal framework for AI content.

Canadian Law Professor: Proposed Age Verification Bill 'Will Make Things Worse'

Leading Canadian newspaper The Globe and Mail this week published an op-ed written by a legal scholar outlining fundamental issues with the Conservative-backed age verification bill currently making its way through Parliament.

UK Labour Government Confirms it Will Continue Baroness-Led 'Porn Review'

The U.K. Labour government of Prime Minister Keir Starmer has confirmed it will continue the controversial full review of British pornography laws ordered by former Tory Prime Minister Rishi Sunak in July 2023.

AEBN Publishes Popular Searches for July and August

AEBN has released the top search terms for the months of July and August from its straight and gay theaters in all 50 states and the District of Columbia.

SWR Data Survey Probes Concerns About Political Attacks on Industry

SWR Data, an adult-sector market research firm led by industry veterans Mike Stabile and MelRose Michaels, has released data from its upcoming 2024 State of the Creator report, illustrating creators’ concerns about political attacks on the industry.

FSC Urges SCOTUS to Strike Down 'Unconstitutional' Texas Age Verification Law

The Free Speech Coalition (FSC) urged the U.S. Supreme Court through a brief filed Monday to strike down Texas’ age verification law as unconstitutional.

Japanese Manga Industry Hit by Credit Card Companies' Anti-Porn Restrictions

Japanese manga retailers are reporting pressure from multinational credit card companies — many based in the U.S. and targeted by anti-porn religious conservatives — to censor their content if they wish to maintain their current payment processing arrangements.

Netherlands Government Continues Porn Probe Following Abuse Allegations

The Dutch government plans to continue investigating the local porn industry in the Netherlands, following a series of abuse allegations involving photographer and self-styled “model scout” Daniël van der W.

Clips4Sale Releases '20 Years of Fetish' Data Survey

Clips4Sale (C4S) has released a report based on 20 years of data and analysis to show how kink and fetish tastes have changed since the site began.

Grooby, Yanks Ink Website Management Deal

Grooby will begin managing Yanks.com under a new company, Blue.xxx.

Show More