WordPress Releases Critical Security Update

LOS ANGELES — Less than a week after the release of WordPress Version 4.2, a critical security update was released today — along with an admonition for all users to immediately update their installations.

Debuting on April 23, with a goal of improving WordPress’ communication, sharing and simplicity, Version 4.2, nicknamed “Powell” in honor of jazz pianist Bud Powell, offers easier ways to share content, while providing extended character support, enhanced embed options, and streamlined plugin updates.

Now, an emergency patch, Version 4.2.1, has been released to the public and is an update for all previous WordPress versions. The patch addresses a cross-site scripting vulnerability that could enable comment posters to compromise a site.

As for who is affected by this vulnerability, all WordPress-powered sites are at risk if they allow users to post comments via the integrated commenting system.

“An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts on your site, thus potentially allowing them to infect your visitors with malware, inject SEO spam or even insert backdoor in the site’s code if the code runs when in a logged-in administrator browser,” Marc-Alexandre Montpas wrote for Sucuri.net, advising WordPress site admins to “definitely disable comments on your site until a patch is [installed] to protect your site and customers.”

The unexpected update fuels critics who claim the open-source WordPress core lacks security, but the opposite is true: As the world’s most popular publishing platform, WordPress is actively embraced by tens of thousands of developers and used in countless websites, making its underlying code perhaps the most scrutinized software on the planet. This means that vulnerabilities are revealed and mitigated far more often than those contained in proprietary systems that are well known only to a relative handful of developers and users.

WordPress 4.2.1 is now rolling out as an automatic update for sites that support automatic updates.

To manually update an installation, download WordPress 4.2.1 or click “Update Now” from the admin Dashboard. 


Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.
