WordPress 4.1.2 Security Release

WordPress team has released a critical security update for all previous versions and it is strongly encourage that you update your WordPress version to WordPress 4.1.2.

WHMCS Complete Billing and Support

WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.

WordPress 4.1.2 Security Release

They have also fixed three other security issues as follow:

[1] In WordPress 4.1 and higher, files with invalid or unsafe names could be uploaded.

[2] In WordPress 3.9 and higher, a very limited cross-site scripting vulnerability could be used as part of a social engineering attack.

[3] Some plugins were vulnerable to an SQL injection vulnerability.

A number of plugins also released security fixes yesterday. Keep everything updated to stay secure. If you’re a plugin author, please read this post to confirm that your plugin is not affected by the same issue.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.