Serious WordPress Security Vulnerability
We all know keeping your website secure is critical!
The days of building a website and not having to worry about updating it have long passed. The majority of websites today are being built in CMS platforms, and just like the operating software (example – Windows) on your computer needs to be updated to the newest version and security patches, your website needs it to have a better chance in fending off hackers.
Just this week the WordPress security team released what they’ve classified as a “critical” security release for WordPress, addressing a serious cross-site scripting (XSS) vulnerability that affects all versions of WordPress.
This vulnerability is a significant risk based on the low skill level required for successful exploitation. This vulnerability could enable an attacker to execute arbitrary code on the plugin and theme editors of a WordPress site–which could enable full compromise of the site itself–if a specially crafted XSS payload were placed in the comments section and then viewed by an authenticated administrative user. Read more here.
If you have WordPress you need to have your developer make the appropriate updates immediately. If you are a client with Josiesque Designs and are on our Security Protection Plan, good news! We have made the appropriate updates to your website to protect it from this vulnerability. If you are not on our Security Protection Plan, why not? Your website is your your sales person 24/7! Website not working? No new customers can find you. You you need to start protecting your business today.