Skip to main content

WordPress fixes huge security vulnerability, all users instructed to update

wordpress vulnerability version 472 plug in
INBJ / 123RF
A serious zero-day vulnerability has been discovered in WordPress, and fixed as of its most recent stable release. All WordPress users are encouraged to make sure that they have updated their installation to version 4.7.2, as otherwise their site could be hijacked.

It’s thought that the exploit could give attackers the ability to modify the content on any post or page that’s part of a site built with WordPress, as per a report from Tripwire. Obviously, this lends itself to garden variety vandalism, but there’s also the threat of a much more troubling form of attack.

The vulnerability could be used to introduce harmful links into otherwise benign content. These links could take users to sites that install malicious software on their computers, or even be utilized as one element of a larger phishing scam, using the WordPress site as cover.

The problem was discovered by researchers at security firm Sucuri, which notified WordPress on January 20. The vulnerability was kept quiet at the time, because a fix had to be developed, and making the issue public could potentially have allowed malicious entities to take advantage.

Major WordPress hosting services and security companies were notified about the vulnerability ahead of its existence being disclosed to the public. Data from these organizations showed no indication that attackers had been able to exploit the issue.

However, now that the problem has been made public, it’s possible that criminal entities could use the vulnerability to target WordPress installations that aren’t up to date. Version 4.7.2 has been available since January 26, but users that don’t have automatic updates activated will need to initiate the process manually.

That means that if you have a WordPress site set up that you haven’t looked at in a while, it’s time to make sure it’s running version 4.7.2. It only takes a moment to check that you’re up to date — but if hackers manage to exploit this vulnerability on your site, you’re in for a much bigger headache.

Brad Jones
Former Digital Trends Contributor
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
Nvidia might finally fix its VRAM problem — but it will take time
The Razer Blade 14 and 18 on a table.

It's no secret that some of Nvidia's best graphics cards could use a little more VRAM. According to a new leak, Nvidia may be addressing that problem in a big way -- at least in laptops. The RTX 5090 laptop GPU is now reported to come with 24GB VRAM across a 256-bit memory bus. The downside? These new laptops might not make it to market as soon as we'd hoped.

The information comes from Moore's Law Is Dead, who cites his own industry sources as he spills the beans on RTX 50-series laptop specs. Up until now, we've not heard much about Nvidia's plans for RTX 50 laptops, indicating that they might be a few months away. The YouTuber agrees with this, saying that Nvidia might be targeting a launch window in the first or second quarter of 2025. This might not affect the entire lineup, though.

Read more
If you want to buy an RTX 4090, now might be your last chance
Nvidia GeForce RTX 4090 GPU.

There's no disputing that the RTX 4090 is one of the best graphics cards you can buy, but now might be your last chance to buy it. According to members of the Board Channels forum (via VideoCardz), Nvidia has discontinued the graphics card and will stop fulfilling new orders this month.

We saw this coming. Last month, members of the Board Channels forums signaled that Nvidia was getting ready to discontinue the RTX 4090 to make way for next-gen RTX 50-series GPUs. Nvidia hasn't said it's discontinuing the card, and it likely won't, but some regions are already experiencing shortages and increased prices. The German outlet PC Games Hardware writes: "It is now becoming increasingly clear that the GeForce RTX 4090 ... will soon have reached its end of lifetime," following high prices and "increasingly poor availability" in the region.

Read more
How to use iPhone Mirroring on your Mac
Apple's Craig Federighi demonstrates the iPhone Mirroring feature in macOS Sequoia at the Worldwide Developers Conference (WWDC) in June 2024.

Earlier this year, Apple introduced iPhone Mirroring. This macOS Sequoia feature puts a mirrored version of your iPhone right on your Mac’s desktop, enabling you to interact with your iPhone without ever needing to have it in your hands. You can open iOS apps, send emails, change settings, and much more, all from the comfort of your Mac.

Read more