xbiz world
xbiz premiere

WordPress Releases Critical Security Update

LOS ANGELES — Less than a week after the release of WordPress Version 4.2, a critical security update was released today — along with an admonition for all users to immediately update their installations.

Debuting on April 23, with a goal of improving WordPress’ communication, sharing and simplicity, Version 4.2, nicknamed “Powell” in honor of jazz pianist Bud Powell, offers easier ways to share content, while providing extended character support, enhanced embed options, and streamlined plugin updates.

Now, an emergency patch, Version 4.2.1, has been released to the public and is an update for all previous WordPress versions. The patch addresses a cross-site scripting vulnerability that could enable comment posters to compromise a site.

As for who is affected by this vulnerability, all WordPress-powered sites are at risk if they allow users to post comments via the integrated commenting system.

“An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts on your site, thus potentially allowing them to infect your visitors with malware, inject SEO spam or even insert backdoor in the site’s code if the code runs when in a logged-in administrator browser,” Marc-Alexandre Montpas wrote for Sucuri.net, advising WordPress site admins to “definitely disable comments on your site until a patch is [installed] to protect your site and customers.”

The unexpected update fuels critics that claim the Open Source WordPress core lacks security, but the opposite is true: As the world’s most popular publishing platform, WordPress is actively embraced by tens of thousands of developers and used in countless websites, making its underlying code perhaps the most scrutinized software on the planet. This means that vulnerabilities are revealed and mitigated far more often than those contained in proprietary systems that are only well-known to a relative handful of developers and users.

WordPress 4.2.1 is now rolling out as an automatic update for sites that support them.

To manually update an installation, download WordPress 4.2.1 or click “Update Now” from the admin Dashboard. 

Related:  

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

RM11 Joins Pineapple Support as Supporter-Level Sponsor

RM11 has joined the ranks of over 70 adult businesses and organizations committing funds and resources to Pineapple Support.

Mark Spiegler Named XBIZ Talk Guest for 2026 LA Conference

XBIZ is pleased to announce that famed talent agent Mark Spiegler, impresario of the Spiegler Girls agency, will join an exclusive talk session at XBIZ 2026, the latest edition of North America’s largest adult industry conference, set to take place Jan. 12-15 at the Kimpton Everly Hotel in Hollywood.

Gataca Introduces Passkey Integration

Spain-based age verification provider Gataca has debuted its new passkey integration.

GloryPay Announces New Financial App

European fintech company GloryPay has announced the launch of its financial app for industry members.

Creator of Hentaied, Parasited Launches New Site 'MonsterPorn'

Romero Mr. Alien, the creator of Parasited and Hentaied, has launched new paysite MonsterPorn.com.

House of Lords Approves UK Plan to Outlaw 'Choking' Content

The House of Lords, the U.K.’s upper house of Parliament, has agreed to amendments to the pending Crime and Policing Bill that would make depicting “choking” in pornography illegal and designate it a “priority offense” under the Online Safety Act.

Indiana Sues Aylo Over AV, Calls IP Address Blocking 'Insufficient'

Indiana Attorney General Todd Rokita has filed a lawsuit against Aylo, alleging that the company and its affiliates have violated both Indiana’s age verification law and the state’s Deceptive Consumer Sales Act.

House Committee Amends, Advances Federal AV Bill

A U.S. House of Representatives subcommittee voted Thursday to amend the SCREEN Act, which would make site-based age verification of users seeking to access adult content federal law, and to advance the bill for review by the full Committee on Energy and Commerce.

New AI Companion Platform 'SinfulXAI' Launches

SinfulXAI, a new AI companion platform, has officially launched.

FSC Announces Board of Directors Election Results

The Free Speech Coalition (FSC) has announced the results of its 2026/2027 Board of Directors election.

Show More