On November 20, 2014, the WordPress 4.0.1 Security Release was announced. This release is considered a critical security update, which impacts all previous versions. If your site supports automatic background updates, you may have noted an update to WordPress 4.0.1 was completed late last week. If your site does not support automatic background updates, we strongly advise you complete the upgrade by using the download option or going to Dashboard->Updates->Update Now
WordPress 3.9.2 and earlier versions are affected by a critical cross-site scripting vulnerability, which could facilitate access to anonymous users and permit them to compromise a site. While this vulnerability was address in WordPress version 4.0, a few additional security measures needed to be tackled. The list of security updates can be viewed in the official press release from WordPress.
Please Note: WordPress versions prior to 3.7.4 are unsupported. If you are using WordPress 3.7.4 or earlier, you are urged to update immediately or seek support.
Dalen Design is a full-service design company based in Ottawa, Ontario, Canada. From graphic design, to website development, e-commerce solutions and WordPress security updates, our team is always up to a challenge. Contact us today, and learn how Dalen Design can reduce the stress associated with website creation and maintenance.