WordPress bloggers have been strongly encouraged to update their installations. This applies mostly to the bloggers who run custom installs as opposed to those running on the WordPress platform.
The bloggers need to be urged as it is common to see installations go for weeks without these security patches being applied. This does not even start to address the myriad of plugins and themes that remain unpatched for months on end.
Whats the Urgency for WordPress Bloggers to Apply This Security Patch?
The reason is simple. WordPress versions 4.6 and earlier are affected by two security issues. One is a cross-site scripting vulnerability via image filename. The other is a a path traversal vulnerability in the upgrade package uploader.
To update your installation you can go to to your WordPress admin panel and choose Dashboard > Updates. Newer version of WordPress support auto updates and with those who have it turned on you will not need to do anything.
There is a significant number of sites running WordPress and among those sites its a heaven for attackers to exploit the numerous vulnerabilities on unpatched platform plugins to launch attacks.
Found this article interesting? Follow Brightwhiz on Facebook, Twitter, and YouTube to read and watch more content we post.