Critical security updates for WordPress and plugins

Estimated reading time: 1 minute.

WordPress 4.1.2 was released on Tuesday to address a critical security vulnerability. Sites configured for auto updates will be updated over the next day or so, but you might want to consider installing the update via the dashboard right now.

In related news, security researchers at Sucuri just published a list of popular WordPress plugins that contain serious XSS vulnerabilities. Most of these plugins already have updates addressing the issue. Check your WordPress sites for these plugins, and either update or disable them.

About jrivett

Jeff Rivett has worked with and written about computers since the early 1980s. His first computer was an Apple II+, built by his father and heavily customized. Jeff's writing appeared in Computist Magazine in the 1980s, and he created and sold a game utility (Ultimaker 2, reviewed in the December 1983 Washington Apple Pi Journal) to international markets during the same period. Proceeds from writing, software sales, and contract programming gigs paid his way through university, earning him a Bachelor of Science (Computer Science) degree at UWO. Jeff went on to work as a programmer, sysadmin, and manager in various industries. There's more on the About page, and on the Jeff Rivett Consulting site.

Leave a Reply