WordPress security: serious issues fixed in the new release

WordPress 5.2.3 (security and maintenance release) was made public yesterday. It fixes the important security issues and adds some enhancements.

These issues affect WordPress versions 5.2.2 and earlier.

It is highly recommended to upgrade WordPress to version 5.2.3 immediately.

List of patched WordPress vulnerabilities

2019-09-05 WordPress <= 5.2.2 – Cross-Site Scripting (XSS) in URL Sanitisation
2019-09-05 WordPress 5.2.2 – Authenticated Cross-Site Scripting (XSS) in Post Previews
2019-09-05 WordPress 5.2.2 – Cross-Site Scripting (XSS) in Dashboard
2019-09-05 WordPress 5.2.2 – Cross-Site Scripting (XSS) in Shortcode Previews
2019-09-05 WordPress 5.2.2 – Cross-Site Scripting (XSS) in Stored Comments
2019-09-05 WordPress 5.2.2 – Potential Open Redirect

Importance of regular WordPress updates

Ace Web Studio - Website Maintenance

WordPress Maintenance Plans

  • Regular WordPress updates
  • Secure offsite backups
  • Fast restore if required
  • Security scans
  • Brute force attack protection
  • Comment spam filtering

It is very important to keep your WordPress installation up to date.

If a WordPress security release comes out, you will need to update immediately, otherwise your website can get hacked in no time.

As a business owner, you most likely will not have time to do this yourself, and that’s understandable.

Ideally, you would want a team of technically skilled professionals to take care of this.

Not all updates go smoothly, especially for the WordPress websites with many plugins.

Sometimes a plugin that worked fine for a long time all of a sudden doesn’t work after a routine WordPress update.

In this case a maintenance specialist can help to sort the problem.

Also, it is very important to have a proper backup system in place.

Daily backups to a remote server would be the most preferable. If something goes wrong after update, you will be able to restore the site in few minutes.

Alex Mayer
Alex Mayer
webshops@acewebstudio.com

Leave a Reply

avatar
  Subscribe  
Notify of