Wordpress Security update released

WordPress has just released the new version of its content management system (CMS), WordPress version 4.2.3, to fix a critical security vulnerability that could have been exploited by hackers to take over websites, affecting the security of its Millions of sites.

WordPress version 4.2.3 resolves a Cross-Site Scripting (XSS) flaw that could allow any user with the Contributor or Author role to compromise a website.

Cross-site scripting is actually a vulnerability in the Web applications' code that opens up the target website to attacks. The vulnerability is one of the most favorite and commonly used flaws by cyber criminals.

According to the company, the vulnerability could allow hackers to embed maliciously-crafted HTML, JavaScript, Flash, or other code to bypass WordPress's protection by fooling users into executing a malicious script on their computer system.

This, in turn, leads to the collection of users' sensitive data, including cookies stored on their systems.

It is still unknown exactly how websites could be compromised using the flaw, as more details about the vulnerability aren't yet made available by the company.

Update your WordPress CMS Now!

All versions of WordPress from 4.2.2 and earlier are affected by the flaw, but you need not worry about it if you have Automatic Security Updates enabled.

However, if not, you are strongly recommended to update your WordPress CMS to version 4.2.3 as soon as possible.

To Update WordPress, all you need to do is just go to the main WordPress "Dashboard", then "Updates" and click "Update Now." And you are done.



Popular posts from this blog

The power of Bluetooth 4.0

How to hack your xbox 360 completely

Autonomous mobile additive manufacturing robot runs circles around traditional 3D printers