Do you use WordPress to build your site? If so did you know that you may be at risk!

If you are using WordPress you should check that your site is running the latest version 4.7.5 anything less and your site is vulnerable.

How is it vulnerable?

WordPress released advice on the 16 May regarding SIX security issues, you can find more information about the security issues at the end of the article. These issues impact WordPress 4.7.4 and earlier.

What should you do?

Contact your hosting provider, website design or maintenance team to make sure that your site is updated to 4.7.5 to remove the risk.

Don’t have a maintenance team or support? Don’t stress we can help secure you site and take the stress out of worrying about keeping your site updated and secure. For as little as $20.00 a week* C4 Maintenance can keep your site running smoothly and secure, don’t take the risk of your brand website being hijacked and corporate and customer data at risk.

Contact us today!

The finer details:

WordPress versions 4.7.4 and earlier are affected by six security issues:

1. Insufficient redirect validation in the HTTP class.
2. Improper handling of post meta data values in the XML-RPC API.
3. Lack of capability checks for post meta data in the XML-RPC API
4. A Cross Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog.
5. A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files. Reported by Ronni Skansing.
6. A cross-site scripting (XSS) vulnerability was discovered related to the Customizer.

Source: https://wordpress.org/news/2017/05/wordpress-4-7-5/

*Billed monthly with no lock in contracts.