The internet is verbally attacking WordPress again. I read a lot of hate towards WordPress for its latest security vulnerabilities that have become public. What I don't see is praise in how those updates are handled and distributed to its millions of users. Cross-Site Scripting Vulnerabilities The last 2 weeks, 3 major security releases have been announced by the WordPress team; 21/04/2015: version 4.1.2 fixes a critical cross-site scripting vulnerability 27/04/2015: version 4.2.1 fixes a cross-site scripting vulnerability 07/05/2015: version 4.2.2 fixes a cross-site scripting attack Oh my, WordPress must pose a security risk, right?! The Magical Release: WordPress 3.7 I was skeptical when they first announced this, but automatic background updates as featured in the 3.7 release are amazing. Automatic background updates were introduced in WordPress 3.7 in an effort to promote better security, and to streamline the update experience overall. By default, only minor releases – such as for maintenance and security purposes – and translation file updates are enabled on most sites. In special cases, plugins and themes may be updated. If you read the comments on Twitter, security blogs and
Share This