Wordpress releases version 3.0.4 yesterday which closes a “critical” security vulnerability in how the KSES library is vulnerable to XSS (aka. Cross Site Scripting) attacks. XSS attacks are characters like ‘,<,>,; that can be embedded in URL’s or submitted in HTTP POST requests and can compromise an application possibly allowing an attacking application or user to execute malicious code and gain access to information or get into the web application itself.
As a web security professional myself I always recommend users to upgrade and patch immediately when critical vulnerabilities are found to reduce your chances of being vulnerable. Remember that most hacks occur because they leverage vulnerabilities that existed and already had a patch for. Once a vulnerability or security issue becomes public it increases the number of users who will try to exploit it on any system.
Read more about the WordPress 3.0.4 Version and upgrade your WordPress blog today.
I always remind readers to take a backup of their SQL database before upgrading. Do this with the WP-DBManager plugin or manually through the PHPMyAdmin application in your Hosting Provider account.
I have used the WordPress Dashboard automatic upgrade on 6 of the WordPress blog I administrate and it worked fine without issues.
I have been obsessed with computers, tech, gadgets and games since the early 1980’s having grown up on the Commodore 64 and Amiga computers.
By day I work in the IT Security Industry and have been in IT for over 20 years. On my spare time I am a Vlogger, Blogger, Streamer, Gadget Reviewer, affiliate marketer, influencer and entertainer. I am also an avid movie fan, TV Show fan, Anime fan, video game fan and fan of trying anything and everything new.