WordPress 4.1.2 Security Release.


WordPress have released a critical security update for all previous versions of WordPress.

WordPress have now made version 4.1.2 available.The WordPress security team discovered that versions 4.1.1 and earlier have a critical cross-site scripting vulnerability. This could enable anonymous users to compromise a site.

Along with this particular vulnerability, the WordPress team also fixed the following issues:

  • In WordPress 4.1 and higher, files with invalid or unsafe names could be uploaded.
  • In WordPress 3.9 and higher, a very limited cross-site scripting vulnerability could be used as part of a social engineering attack.
  • Some plugins were vulnerable to an SQL injection vulnerability.

So, if you’re using a vulnerable version of WordPress, update as soon as possible.

For more information, look at the security release announcement.

Have you found this update useful? Let us know, leave a comment below. :)