WordPress has released version 4.4.2 on February 2, 2016 included 2 important security issues and 17 bugs fixed.
This updated version fixes 2 security issues:
- SSRF (Server Side Request Forgery): This vulnerability might allow an attacker to access or attack the internal network or local server that WordPress is installed on.
- an Open Redirect attack: The victims of an Open Redirect attack can be redirected to another untrusted website which might risk of phishing.
All previous WordPress versions are impacted by this vulnerability. WordPress 4.4.2 is a security update for all versions. That’s why WordPress strongly recommend users to update their sites immediately.
How to update WordPress 4.4.2?
Manually: Log into your WordPress Dashboard, click the “Update Now” button to update.
Automatically: Sites that support automatic background updates will be automatically updated to the latest version within a few hours after the release.
If you need any support to update this new version or install a WordPress site, feel free to contact us: Sutunam contact page !