The Small Business Website Guy

  • Home
  • Blog
  • About
  • WordPress Help
  • Services
    • WordPress Help
    • Hacked Site Cleanup
    • Website Management Program
    • Domain Registration
    • Web Hosting
  • Testimonials
  • Contact Us

April 27, 2015 by John

WordPress 4.2.1 Security Patch

Well, that was quick! In my last post, I mentioned that WP 4.2 had been released and that we would wait for the first patch to update from 4.1. A WordPress 4.2.1 security patch was released today to fix a potential security flaw in the commenting function of WordPress 4.2. While I don’t really feel that 4.2 has been adequately shaken out in the real world, I am applying this patch to all my client sites due to the nature of the fix.

What’s The Problem?

This type of security flaw is called a “cross-site scripting” vulnerability, aka XSS vulnerabilty. It allows someone external to the site to craft a URL that can inject malware into the site, bypass logins, etc. Full technical details can be found on Wikipedia:

Cross-site scripting vulnerability

What Do I Do About It?

Update your WordPress installation to v4.2.1 immediately. The vulnerability has been patched and you need to be on the latest version of WP to be secure. If you have automatic updates turned on your site will automatically update to 4.2.1 within the next 24 hours. You can always do it yourself via the WP dashboard if you’d rather not wait for the automatic update to happen.

Always practice safe computing!

John Sawyer

Laptop image courtesy of Stuart Miles on FreeDigitalPhotos.net

Like this post?  Sign up below to be notified when new posts are published:

johnsmith@example.com
John

Share this post:

Share on TwitterShare on FacebookShare on LinkedIn

Filed Under: Safe Computing, Security, Updates, WordPress Tagged With: cross-site scripting, security patch, XSS

Select Module

Recent Posts

  • Protect Yourself From Router Exploit
  • Is GDPR Compliance The Problem?
  • Warning! WordPress 4.9.6 Is Coming
  • MalwareBytes Update Issue
  • Google Issues New HTTPS Guidelines

Find Your Domain

Find a domain starting at $0.48

powered by Namecheap

Reach new audiences and grow your following

Privacy Policy | Terms of Use

Copyright © 2007-2022 by Chon Resources – All Rights Reserved Worldwide

We use cookies for various purposes including analytics and personalized marketing. By continuing to use the service, you agree to our use of cookies. - Privacy Policy
Protected by Patchstack