At 12:01 PM today I noticed Twitter erupting with announcements regarding a security vulnerability. We patched this nine minutes later, and have already deployed the fix to WordPress.org. We recommend that you update immediately.

This vulnerability is affecting a very large set of WordPress plugins, but can only be exploited within WordPress admin, making it a low-risk probability (but not a new one).

Regardless, we’ve updated, and so should you.

  Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code lang=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre lang="" extra="">