WordPress 4.0.1 Critical Security Release

Last updated: WordPress < 1 read
WordPress Security Update

Yesterday afternoon, WordPress announced a new critical security release, recommending that all users update their sites immediately.

WordPress websites that support automatic updates were updated within a few hours of the release. Users who were running WordPress 3.9.2, 3.8.4, or 3.7.4 were updated to 3.9.3, 3.8.5, or 3.75 to keep everything secure. WordPress 3.9.2 and older versions were found to be affected by a critical cross-site scripting vulnerability – leaving the site open for anonymous users to attack. The issue does NOT affect version 4.0, however version 4.0.1 does address additional security issues including:
  • 3 cross-site scripting issues that could compromise a site from a contributor or author.
  • A cross-site request forgery that could trick a user into changing their password.
  • An issue that could lead to a denial of service when passwords are checked.
  • Additional protection for server-side request forgery attacks when WordPress makes HTTP requests.
  • WordPress will now invalidate the link in a password reset email if the user remembers their password, logs in and changes their email address.
Version 4.0.1 also includes fixes for 23 4.0 bugs and two hardening changes. If you would like to know more about the release or how it could affect your WordPress website, please submit a support ticket at theedesign.com/support.

Tags: WordPress

Richard Horvath

Owner / President

Richard Horvath is the founder of TheeDigital, a Raleigh based award-winning web design and digital marketing agency. He is proud of his team and the results that they provide to their clients.

Related Posts

How to Update Your WordPress Plugins Safely
Support 4 min read

How to Update Your WordPress Plugins Safely

While the idea of updating your plugins may make your cringe slightly, we’re here to tell that…
Kristina Cappetta

How to create a new gravity form
Our Favorites 5 min read

Gravity Forms – How to Create a New Form

Here you'll learn how to create and edit a Gravity Form on your site.
Richard Horvath

Top WordPress Web Development Trends for 2023
WordPress 4 min read

Top WordPress Web Development Trends for 2024

What's going to be big on Wordpress next year? Read on to discover what's new.
Melissa Read

What are Wireframe Mockups?
Web Design 2 min read

Wireframes for Custom-Designed Wordpress Sites

Utilizing Wireframing to ensure a stand out website design is vital. But Wireframes can be confusing. Learn…
Melissa Read

Schedule a Consultation