Your WordPress site could be vulnerable to attack, update it right away

wordpress version released to fix six serious vulnerabilities wordpressheader
Shutterstock
We all have to deal with security patches and updates that try to keep our systems safe from the ever-increasing levels of cybercrime. If you’re a webmaster, then you have at least one more system than most other people that you need to keep up to date, specifically software that runs your website.

Most recently, one of the most popular web publishing systems around, WordPress, suffered some serious vulnerabilities and its developers published a new version to address them. Consider this a public service announcement — if you’re running WordPress, then you want to upgrade to version 4.7.3 immediately, WeLiveSecurity reports.

The six vulnerabilities that researchers identified are as follows:

  • Cross-site scripting (XSS) via media file metadata.
  • Control characters can trick redirect URL validation.
  • Unintended files can be deleted by administrators using the plugin deletion functionality.
  • Cross-site scripting (XSS) via video URL in YouTube embeds.
  • Cross-site scripting (XSS) via taxonomy term names.
  • Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.

Fortunately, the researchers first privately let the WordPress team know of the vulnerabilities early, allowing the development and rollout of a fix before the vulnerabilities were publicly disclosed. That fix is available now for all self-hosted WordPress sites and if your site is set to automatically update, then you might already have received it.

If your site isn’t set to automatically update, then you’ll want to back it up first. If you have a staging site, then you will want to test there first to make sure nothing breaks when the update is applied. Then, just go to the WordPress admin panel, select Dashboard > Updates, and follow the instructions. While you’re at it, you can check to see if any of your WordPress plugins need updating and get them current as well. Plugin vulnerabilities can be just as damaging as those in the core WordPress system.

If you’re running a site on WordPress.com, which is administered by Automattic, then your site will already have been updated and these vulnerabilities, at least, will have been patched. If not, then your job of webmaster just got another important task that you will likely want to check off sooner rather than later.

Cars

Lexus LC convertible concept teases a new open-air flagship

Debuting at the 2019 Detroit Auto Show, the Lexus LC convertible concept adds open-air motoring to the sleek LC's resume. But Lexus won't commit to a production version of the car just yet.
Computing

Problems with installing or updating Windows 10? Here's how to fix them

Upgrading to the newest version of Windows 10 is usually a breeze, but sometimes you run into issues. Never fear though, our guide will help you isolate the issue at hand and solve it in a timely manner.
Gaming

The full ‘Kingdom Hearts III’ ending won’t be in the game at launch

Square Enix has revealed that although an ending is included in the disc version of Kingdom Hearts 3, a post-launch update will add the epilogue, as well as a secret additional video.
Gaming

Everything we know about the ‘Resident Evil 2’ remake, from gameplay to story

The Resident Evil 2 remake is not a remastered version of the original game, but a fully new title using the source material as inspiration. Here is everything we know about the Resident Evil 2 remake.
Deals

From Air to Pro, here are the best MacBook deals for January 2019

If you’re in the market for a new Apple laptop, let us make your work a little easier: We hunted down the best up-to-date MacBook deals available online right now from various retailers.
Computing

Change your mouse cursor in Windows with these quick tips

The standard mouse cursor is boring, so change it! With this guide on how to change your mouse cursor in Windows, you can choose to use one of Microsoft's pre-installed cursors or download something a bit more extravagant.
Computing

Go hands-free in Windows 10 with speech-to-text support

Looking for the dictation, speech-to-text, and voice control options in Windows 10? Here's how to set up Speech Recognition in Windows 10 and use it to go hands-free in a variety of different tasks and applications within Windows.
Computing

Printing to PDF in Windows is easy, no matter which method you use

Microsoft's latest operating system makes it easier than ever to print to PDF in Windows, but there are alternative methods for doing so, even if you want to forgo Adobe Acrobat. Here's how.
Computing

Changing a PDF into an EPUB file is easier than you might think

If you like to read on a tablet or ebook reader, you'll find that ePUB files offer a number of advantages over PDFs. With this guide, we'll show you how to convert a PDF to EPUB in a few quick steps.
Computing

Need to combine a PDF? Here's how to get it done on both Windows and Mac

Sometimes juggling multiple files at once is more of a hassle than a convenience, especially when a single file would do. This quick guide will teach you how to combine PDF files on Windows, MacOS, or with online tools.
Computing

Don’t even bother with the rest. Here are the only laptop brands that matter

If you want to buy your next laptop based around a specific brand, it helps to know which the best brands of laptops are. This list will give you a good grounding in the most reliable, quality laptop manufacturers today.
Computing

Secure your Excel documents with a password by following these quick steps

Excel documents are used by people and businesses all over the world. Given how often they contain sensitive information, it makes sense to keep them from the wrong eyes. Thankfully, it's easy to secure them with a password.
Computing

Style up your MacBook Air with one of these great cases or sleeves

Whether you’re looking for added protection or a stylish flourish, you’re in the right place for the best MacBook Air cases. We have form-hugging cases, luxurious covers and padded sleeves priced from $10 to $130. Happy shopping!
Computing

Getting Windows 10 updated doesn't have to be so painful

Windows update not working? It's a more common problem than you might think. Fortunately, there are a few steps you can take to troubleshoot it and in this guide we'll break them down for you step by step.