WordPress 4.8.2 Security and Maintenance Release

by | 20 Sep 2017 | WordPress

WordPress has just released a security and maintenance update. Mostly for fixing a bunch of cross-site scripting (XSS) vulnerabilities found in older WordPress versions. For the benefit of none-tech-savvy people, Cross-site scripting (XSS) is…

a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. — Wikipedia

In layman terms, it basically means the the vulnerability will enable attacker to insert codes into given web page that will trigger certain actions when the same page is visited by another internet user later, such as sending the user’s cookies which may contain sensitive information, to another website so the attacker can use it to do something else (usually bad things!)

If you are already WP Sifu customer, you can expect to see your WordPress software will be (if not already) updated to the latest version.

You may read about the rest of updates from WordPress’ own blog post itself: WordPress 4.8.2 Security and Maintenance Release.