Wordpress Security

wordpress security update

12 Sep: WordPress Security Update with Version 4.6.1

Close on the heels of WordPress 4.6 comes a quick update to fix two new security issues. Version 4.6.1 is a security release for all previous versions and we updated all our WordPress Maintenance Plan client websites immediately.
WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename; and a path traversal vulnerability in the upgrade package uploader.

wordpress security

06 Aug: WordPress Core Security Praised by Third-party Software Security Company

It’s comforting to know that Wordpress core’s security is taken seriously and that good work is being done on an ongoing basis to maintain and enhance security in all areas.

We build our websites on top of Wordpress core just like a house is built on top of a foundation. Just like a house, if the foundation is weak it doesn’t matter how much we try to strengthen the walls, ceilings and floors, the house will always be weak. Knowing that Wordpress core is solid gives us confidence as we continue building and maintaining websites that utilize it.

computer security

24 Jul: WordPress Critical Security Update Completed for all TWS Client Websites

This morning WordPress issued a critical security release to fix a vulnerability that could’ve compromised the security of millions of websites.

The good news it that this update has been completed for your website as part of your TWS Maintenance Plan.

Cross-site scripting, or XSS, is a vulnerability in the code of Web applications that opens up the target (i.e. website) to attacks, and it’s one of the most common conduits used by hackers.