xbiz world
xbiz premiere

WordPress Releases Critical Security Update

LOS ANGELES — Less than a week after the release of WordPress Version 4.2, a critical security update was released today — along with an admonition for all users to immediately update their installations.

Debuting on April 23, with a goal of improving WordPress’ communication, sharing and simplicity, Version 4.2, nicknamed “Powell” in honor of jazz pianist Bud Powell, offers easier ways to share content, while providing extended character support, enhanced embed options, and streamlined plugin updates.

Now, an emergency patch, Version 4.2.1, has been released to the public and is an update for all previous WordPress versions. The patch addresses a cross-site scripting vulnerability that could enable comment posters to compromise a site.

As for who is affected by this vulnerability, all WordPress-powered sites are at risk if they allow users to post comments via the integrated commenting system.

“An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts on your site, thus potentially allowing them to infect your visitors with malware, inject SEO spam or even insert backdoor in the site’s code if the code runs when in a logged-in administrator browser,” Marc-Alexandre Montpas wrote for Sucuri.net, advising WordPress site admins to “definitely disable comments on your site until a patch is [installed] to protect your site and customers.”

The unexpected update fuels critics that claim the Open Source WordPress core lacks security, but the opposite is true: As the world’s most popular publishing platform, WordPress is actively embraced by tens of thousands of developers and used in countless websites, making its underlying code perhaps the most scrutinized software on the planet. This means that vulnerabilities are revealed and mitigated far more often than those contained in proprietary systems that are only well-known to a relative handful of developers and users.

WordPress 4.2.1 is now rolling out as an automatic update for sites that support them.

To manually update an installation, download WordPress 4.2.1 or click “Update Now” from the admin Dashboard. 

Related:  

Copyright © 2026 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

JustFor.fans Launches 'JFF Create' iPhone App

JustFor.fans (JFF) has launched its new iPhone creator management app, JFF Create.

ShootXEvents Joins ASACP as Media Sponsor

ShootXEvents has signed on as an in-kind media sponsor for the Association of Sites Advocating Child Protection (ASACP).

Pornhub Unblocks UK Users on iOS Devices, Citing Apple AV Effectiveness

Pornhub parent company Aylo on Tuesday announced that users in the United Kingdom will once again be able to access the popular site if they are using Apple devices and have confirmed their age through Apple’s U.K. age-verification process.

FSC Launches 'Know Your Rights' 1st Amendment Resource Page

The Free Speech Coalition (FSC) has launched "Know Your Rights," a resource page detailing First Amendment protest guidelines.

Utah VPN Rule for Adult Sites Takes Effect This Week

A new law in Utah comes into force Wednesday, making adult websites liable if minors in the state circumvent geolocation efforts to bypass age verification.

UPDATED: Court Approves Class Action in Labor Claims Against VMG

A U.S. district court has granted class certification in a civil lawsuit filed against Vixen Media Group (VMG) by retired performer Kenzie Anne, making it possible for additional performers to join in a class action against the company.

Brazil Invites Public Input on Guidelines for New Digital Law

Brazil’s National Data Protection Authority (ANPD) is soliciting public comments to help improve interpretation and application of the country’s Digital Statute for Children and Adolescents (Digital ECA), which requires adult websites to age-verify users located in Brazil.

X3 Expo Unveils Euro All-Stars for Inaugural Amsterdam Edition

X3 Expo, Hollywood's premier adult entertainment expo, makes its European debut at Passenger Terminal Amsterdam Sept. 11-12, bringing together fans, creators, and industry insiders for the Continent’s largest assembly of adult entertainment stars, alongside a dazzling lineup of attractions spotlighting the cutting edge of modern media and pleasure tech.

2026 Pornhub Awards Nominees Announced

The list of nominees has been revealed for the eighth annual Pornhub Awards, presented by gaming platform 1win, which will be held May 27 in Los Angeles.

AEBN Publishes Popular Searches by Country for February, March

AEBN has released the list of popular searches from its straight and gay theaters, by country, for February and March.

Show More