WordPress 4.4.1 security release

Estimated reading time: 1 minute.

A critical cross-site scripting (XSS) vulnerability in WordPress 4.4 and earlier versions has been addressed in a new WordPress version: 4.4.1.

Since this is a security release, anyone who administers a WordPress site is strongly encouraged to install the update as soon as possible. If your WordPress site is configured for auto-updates, it may have been updated already, but you should check it to be sure.

WordPress 4.4.1 also fixes a few minor non-security bugs. In all, 52 bugs were addressed in the new version. The release notes provide additional details.

You can also see what’s changed in 4.4.1 on the WordPress bug tracking site. Happily, the page on the other end of that link shows only what’s changed in WordPress 4.4.1, which is a lot more useful than Mozilla’s approach for Firefox, which is to list all changes since the last major version. The WordPress change list is also a lot easier to navigate (and understand) than the equivalent list for Google Chrome.

About jrivett

Jeff Rivett has worked with and written about computers since the early 1980s. His first computer was an Apple II+, built by his father and heavily customized. Jeff's writing appeared in Computist Magazine in the 1980s, and he created and sold a game utility (Ultimaker 2, reviewed in the December 1983 Washington Apple Pi Journal) to international markets during the same period. Proceeds from writing, software sales, and contract programming gigs paid his way through university, earning him a Bachelor of Science (Computer Science) degree at UWO. Jeff went on to work as a programmer, sysadmin, and manager in various industries. There's more on the About page, and on the Jeff Rivett Consulting site.

Leave a Reply