xbiz world
xbiz premiere

WordPress Releases Critical Security Update

LOS ANGELES — Less than a week after the release of WordPress Version 4.2, a critical security update was released today — along with an admonition for all users to immediately update their installations.

Debuting on April 23, with a goal of improving WordPress’ communication, sharing and simplicity, Version 4.2, nicknamed “Powell” in honor of jazz pianist Bud Powell, offers easier ways to share content, while providing extended character support, enhanced embed options, and streamlined plugin updates.

Now, an emergency patch, Version 4.2.1, has been released to the public and is an update for all previous WordPress versions. The patch addresses a cross-site scripting vulnerability that could enable comment posters to compromise a site.

As for who is affected by this vulnerability, all WordPress-powered sites are at risk if they allow users to post comments via the integrated commenting system.

“An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts on your site, thus potentially allowing them to infect your visitors with malware, inject SEO spam or even insert backdoor in the site’s code if the code runs when in a logged-in administrator browser,” Marc-Alexandre Montpas wrote for Sucuri.net, advising WordPress site admins to “definitely disable comments on your site until a patch is [installed] to protect your site and customers.”

The unexpected update fuels critics that claim the Open Source WordPress core lacks security, but the opposite is true: As the world’s most popular publishing platform, WordPress is actively embraced by tens of thousands of developers and used in countless websites, making its underlying code perhaps the most scrutinized software on the planet. This means that vulnerabilities are revealed and mitigated far more often than those contained in proprietary systems that are only well-known to a relative handful of developers and users.

WordPress 4.2.1 is now rolling out as an automatic update for sites that support them.

To manually update an installation, download WordPress 4.2.1 or click “Update Now” from the admin Dashboard. 

Related:  

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

FSC: Federal Report Confirms Unfair Banking Discrimination Against Adult Industry

The Free Speech Coalition (FSC) today announced that a federal report on debanking has concluded that several U.S. banks engaged in discriminatory banking practices against members of the adult industry.

Pineapple Support Names Natalie Pereira Executive Assistant

Pineapple Support has appointed Natalie Pereira as its new executive assistant.

AEBN Publishes Popular Searches by Country for October, November

AEBN has released the list of popular searches from its straight and gay theaters by country in October and November.

FSC Summit Event Schedule Announced

Free Speech Coalition (FSC) has revealed its slate of networking events and symposiums for its annual summit, set for January 15 during XBIZ 2026.

Pornhub Releases 2025 'Year in Review' Report

Pornhub has released its “Year in Review Insights” report for 2025, the 12th edition of the site’s annual statistics, data analysis, and infographic initiative.

Washington AV Bill Jumps on 'Health Warning' Bandwagon

A new age verification bill in the Washington state legislature would require adult sites to post notices warning users of alleged health risks, despite a previous federal court ruling against such requirements.

BranditScan Launches '25 Days of Christmas' Promo

BranditScan has launched its 25 Days of Christmas promotion.

MelRose Michaels Named Host of Online Industry Edition of XBIZ Honors

Performer and entrepreneur MelRose Michaels will MC the online industry edition of the 2026 XBIZ Honors, set for Wednesday, Jan. 14, at the Kimpton Everly Hotel in Hollywood.

Irish Regulator: EU States to Ramp Up AV Enforcement for Smaller Sites

A representative of Irish media regulator Coimisiún na Meán told legislators that Ireland and other EU states are preparing to expand enforcement of age verification regulations to include smaller adult sites, British newspaper The Times is reporting.

Sansyl Group Acquires Blue Donkey Media

Sansyl Group, parent company of AdultPrime Network, has acquired Blue Donkey Media B.V., owner of Dutch adult site Meiden van Holland, among several other erotic websites and television channels.

Show More