Advertisement
  1. SEJ
  2.  ⋅ 
  3. News

WordPress 4.4.2 Security Update is Out, Immediate Update Recommended

wordpress 4 4 2

WordPress 4.4.2, a security update for all versions, is now available for download. WordPress is recommending that everyone update their sites immediately.

Two security issues were found in WordPress 4.4.1 and earlier, including possible SSRF for certain local URIs, and an open redirection attack.

Since these types of things fall outside my level of technical expertise, I did a bit of research to find out what they are and what kind of harm they can do.

SSRF stands for ‘server side request forgery’ and can be deployed by attackers to bypass access controls, such as firewalls, and ultimately crash your system.

An open redirect is a bit more straight forward. It would take a trusted site and redirect visitors to an untrusted site, with the goal to get visitors to land on phishing sites or any other type of malicious site.

While fixing the two major security issues, WordPress 4.4.2 also fixes 17 bugs found in the previous version.

WordPress 4.4.2 can be downloaded directly from the dashboard, or may already be downloaded if your site supports automatic updates.

Featured Image Credit: David Molina G / Shutterstock.com

Category News
ADVERTISEMENT
SEJ STAFF Matt G. Southern Senior News Writer at Search Engine Journal

Matt G. Southern, Senior News Writer, has been with Search Engine Journal since 2013. With a bachelor’s degree in communications, ...

WordPress 4.4.2 Security Update is Out, Immediate Update Recommended

Subscribe To Our Newsletter.

Conquer your day with daily search marketing news.