Close on the heels of WordPress 4.6 comes a quick update to fix two new security issues. Version 4.6.1 is a security release for all previous versions and we updated all our WordPress Maintenance Plan client websites immediately.
WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename; and a path traversal vulnerability in the upgrade package uploader.
It’s well documented that keeping WordPress core, plugins and themes up to date is one of the best ways to…
Older versions of the Visual Composer plugin are facing a serious security threat. Total WP Support will be updating all client websites that use this plugin and restoring any hacked client websites for free.
It’s comforting to know that Wordpress core’s security is taken seriously and that good work is being done on an ongoing basis to maintain and enhance security in all areas.
We build our websites on top of Wordpress core just like a house is built on top of a foundation. Just like a house, if the foundation is weak it doesn’t matter how much we try to strengthen the walls, ceilings and floors, the house will always be weak. Knowing that Wordpress core is solid gives us confidence as we continue building and maintaining websites that utilize it.
This morning WordPress issued a critical security release to fix a vulnerability that could’ve compromised the security of millions of websites.
The good news it that this update has been completed for your website as part of your TWS Maintenance Plan.
Cross-site scripting, or XSS, is a vulnerability in the code of Web applications that opens up the target (i.e. website) to attacks, and it’s one of the most common conduits used by hackers.
As Wordpress continues to grow in popularity so does the pressure from hackers looking for weaknesses and loopholes that can be leveraged for an attack. The good news is that security vulnerabilities in Wordpress core, plugins and themes are spotted and dealt with quickly by the Wordpress community.
