WordPress Security Update

A couple of days ago, WordPress released a security and bug fix update. The announcement stated that all versions of WordPress up to and including Version 4.4 are affected by a cross-site scripting vulnerability. Such a vulnerability could allow an attacker to get access to your WordPress installation and then of course, do other nasty things to your website.

All of our clients who are on our maintenance list have had their sites backed up, upgraded and the new version tested for compatibility with installed plugins.

Is your site vulnerable? Have you logged in to it in the past few days? If you haven’t, you may not realize that a security update has been released and that you should upgrade.

It can be a pain to keep up with security updates as well as ensuring there are no compatibility issues with activated plugins. That’s why we offer and update service – so you don’t have to worry about it.

Here’s what we do:

  • Immediately upon being notified of a security update, we’ll back up your WordPress database remotely.
  • Check to see if there are any known issues to plugins that have been activated on your site.
  • If there are known issues, we’ll research a work-around for you. There are times when a plugin needs to be deactivated in order to await the
  • developers to update their code. This is one reason why it’s generally good to use only those plugins that are actively being developed.
  • Install the new updated version of WordPress
  • Install any plugins that also have updates available.
  • Check that everything went well.
  • If there are problems, investigate and find a solution for you. Sometimes, the solution, as noted above, is to disable one or more plugins and advise the developers of errors and compatibility issues with the most recent version of WordPress.

One thing you do not want to do is to be running a WordPress installation for much of length of time that has known security vulnerabilities. Sooner or later, it’s likely your site will be compromised. When that happens, the time to fix and repair compromised sites can often be very time consuming. A small investment in proactive security can pay off, when it could cost hundreds of dollars to fix a site later.

As of today’s date (January 9th, 2015), the most recent version of WordPress that you should have is Version 4.1.1.

Give us a call or drop us a line to learn how we can help you stay on top of your WordPress security.

Leave a Comment