If you were running a self-hosted WordPress site you might miss this, but we didn’t.
The WordPress team have just released version 4.2.3 which they describe as a security and maintenance release for all previous WordPress versions. One vulnerability in particular stands out.
Now ever since WordPress 3.7 was released in October 2013, the platform has come with the option of automatic security updates. But many out on other providers still run their sites without automatic updates enabled and may miss this news. This is the subject of much discussion in the security community.
We have a few articles you might find interesting which discuss these items and more after the jump.
Recently Acunetix provided some aggregated data from over 15,000 security scans performed over the past 12 months. The security stance of many sites still need a lot of work and web application attack surfaces are far too broad in aggregate. more about this Web Vulnerabilities
Your WordPress has now been upgraded to 4.2.3, fixing an issue with Subscriber permissions. WordPress versions 4.2.2 and earlier are affected by a critical cross-site scripting vulnerability, which could allow anonymous users to compromise a site. read more about WordPress Security and Maintenance
If you have any doubts about whether someone is trying to compromise your web site, let me set your mind at ease. Yes, your site is under attack. more about this Web Site Attacks
Watch this video highlighting the new Features such as Emoji Support, Better Updates from The Add Plugins Screen, and Improved Press This Feature. watch the video about New WordPress Features