WordPress Security Concerns
WordPress has announced that there is a “critical security release” for all versions of WordPress older than 4.2.2. The latest release of version 4.2.2 fixes two security issues:
- The Genericons icon font package, used in many popular themes and plugins, contained an HTML file vulnerable to a cross-site scripting attack. The 4.2.2 version proactively scans the wp-content directory for the HTML file and removes it.
- In WordPress versions 4.2 and earlier, a critical cross-site scripting vulnerability could enable anonymous users to compromise a site. The 4.2.2 version includes a comprehensive fix for the issue.
In addition to beefing up security against potential hacking of your website, 4.2.2 also address 13 bug fixes.
Just in the past week we've seen 3 websites that have been hacked or compromised because of a security weakness. We are recommending that you not wait until something happens but that you update to the latest version now.
As a guideline for best practices you should always upgrade to the latest version no matter what CMS you are using.
If you are not sure what version your are operating with, call us today - 604-682-5500