We have been waiting for the stable release of WordPress 4.2. And, the security team of WordPress brings the critical security release 4.1.2 to us. The security team has made strong recommendations to update sites to this release.

According to the official news, folks have said that earlier version that is WordPress 4.1.1 has the cross-site scripting vulnerability. A hacker can easily take advantage of this vulnerability to hack a website by infecting the site’s page with “malicious script”. This script is added from the client-side. A hacker targets the vulnerability of a web page to take the full control over the website. The security team has fixed this issue.

 

Also, WordPress 4.1.2 has solved three additional issues-

  • SQL injection vulnerability of some plugins.
  • Probability of Social engineering attacks in version 3.9 and higher.
  • Possibility of uploading Invalid name files in version 4.1.

In a nutshell, the security team of WordPress has fixed major security vulnerabilities of WordPress 4.1 and has brought this critical security release.

Users are automatically prompted on their dashboards about the new update. An utmost important thing to do before you update your WordPress version– you should take the backup of all files and database. WordPress recommends to do this before updating the version.

TemplateToaster WordPress theme builder provides the option to take the backup of the site. If you use TemplateToaster WordPress website builder software generated WordPress theme on your site, then you may take the backup of your site anytime without someone’s help. This option resides in the “Theme options”. “Theme Options” is a default feature of every TemplateToaster offline website builder software generated theme. You can get the backup to an FTP server, and you can get it to your e-mail. You can update your site to the new version after taking its backup. You will also get free templates and free WordPress themes.