xbiz world
xbiz premiere

WordPress Releases Critical Security Update

LOS ANGELES — Less than a week after the release of WordPress Version 4.2, a critical security update was released today — along with an admonition for all users to immediately update their installations.

Debuting on April 23, with a goal of improving WordPress’ communication, sharing and simplicity, Version 4.2, nicknamed “Powell” in honor of jazz pianist Bud Powell, offers easier ways to share content, while providing extended character support, enhanced embed options, and streamlined plugin updates.

Now, an emergency patch, Version 4.2.1, has been released to the public and is an update for all previous WordPress versions. The patch addresses a cross-site scripting vulnerability that could enable comment posters to compromise a site.

As for who is affected by this vulnerability, all WordPress-powered sites are at risk if they allow users to post comments via the integrated commenting system.

“An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts on your site, thus potentially allowing them to infect your visitors with malware, inject SEO spam or even insert backdoor in the site’s code if the code runs when in a logged-in administrator browser,” Marc-Alexandre Montpas wrote for Sucuri.net, advising WordPress site admins to “definitely disable comments on your site until a patch is [installed] to protect your site and customers.”

The unexpected update fuels critics that claim the Open Source WordPress core lacks security, but the opposite is true: As the world’s most popular publishing platform, WordPress is actively embraced by tens of thousands of developers and used in countless websites, making its underlying code perhaps the most scrutinized software on the planet. This means that vulnerabilities are revealed and mitigated far more often than those contained in proprietary systems that are only well-known to a relative handful of developers and users.

WordPress 4.2.1 is now rolling out as an automatic update for sites that support them.

To manually update an installation, download WordPress 4.2.1 or click “Update Now” from the admin Dashboard. 

Related:  

Copyright © 2026 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

Penthouse Wins Trademark Infringement Case Against Fraudulent Domain

The World Intellectual Property Organization (WIPO) has ruled in favor of Penthouse World Media in a case against a website using an infringing domain.

'Collective Corruption' Relaunches Through PAYSITE

Fetish and BDSM membership site Collective Corruption has relaunched through PAYSITE.

RocketGate Taps Joël Drapeau for Senior Account Executive Role

Payment processing company RocketGate has hired industry veteran Joël Drapeau as its new account executive for business development and client relations.

VR Reloaded: Inside the Next Era of Immersive Adult Entertainment

For years, virtual reality in adult entertainment hovered somewhere between “quirky novelty” and “exciting promise of things to come.” While the technology hinted at a radically different way to experience erotic media, early experiments often required bulky headsets, complicated downloads, and production techniques that weren’t yet quite up to the task.

Pineapple Support Names Ocean Hanx Brand Ambassador

Pineapple Support has named creator Ocean Hanx as its newest brand ambassador.

Meta Restores Playboy Germany Facebook Page After Court Order

The Facebook page of Playboy Germany, the German-language edition of the magazine, is now back online after a two-month suspension by Meta, following an order by the Düsseldorf Regional Court.

UPDATED: European Commission Unveils AV App, Addresses Hacks

The European Commission’s age verification app is now technically ready and will soon be available for EU citizens to use in order to prove their age when accessing online platforms, European Commission President Ursula von der Leyen announced Tuesday.

Syren De Mer, Eddie Patrick Cap AEBN's Top Stars for 1st Quarter of 2026

AEBN has revealed its most popular performers in straight and gay theaters for the first quarter of 2026.

'iDealgasmPlus' Launches Through PAYSITE

iDealgasmPlus.com has officially launched through PAYSITE.

Canadian Senate Approves National Age Verification Bill

Canada’s Senate on Wednesday passed bill S-209, the “Protecting Young Persons from Exposure to Pornography Act,” which would require commercial adult websites to verify that Canadian users are at least 18 years old.

Show More