Helios Solutions

loading icon
Slide background
Raja Speet
Cosima Riehl
Soraya Cansse

WordPress release 4.2.1 – A minor security update to protect the site from vulnerability

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

New WordPress Security release 4.2.1 is a critical security release for all previous versions and is strongly recommended to update the sites immediately. WordPress 4.2.1 has begun to roll out as an automatic background update, for the sites that support those.


WordPress 4.2.1 fixes yet another, Stored Cross Site Scripting (XSS) vulnerability which allows unauthenticated user to inject JavaScript in WordPress comments. This injected script can affect both WordPress users and WordPress administrators. This vulnerability potentially has nasty consequences. In the worst case administrator account could be compromised, allowing a hacker to change the password and or remove plugins or set up new admin accounts.

Depending on the current WordPress version of the website, the site might get automatically updated, however if not, a manual update may be required, remember to perform a full site backup before updating the site with 4.2.1.

The bug was discovered by Jouko Pynnonen, and it was recovered with this new release of 4.2.1, since all previous versions of CMS are vulnerable. The new version has been pushed as an automatic update for the websites that have the feature enabled.

One of the corrections included, consists in checking that the strings stored in the database are not too long to generate unintended results on the server.

Installing 4.2.1 has become a priority, as the code for exploiting the vulnerability has been publicly available.  Also remember to not just update the core software of WordPress, but also the plugins and themes should be up to date. The plugins should be updated weekly to avoid vulnerability and keep the website healthy.

As noted this release fixes bugs and patch security problems. Security is the top priority for anyone running a website these days. Minor releases in WordPress ensure that the WordPress site remains secure and stable. Keep in mind that the security updates the site from hackers.

Get in touch with us if you want to hire WordPress Specialist for your wordpress development project and for more information visit  http://www.heliossolutions.in/technology/wordpress-web-design-agency/

Related Articles

Embrace WordPress and Engage Your Customers Effectively [Infographic] By Helios

  • March 31, 2017

The popularity of WordPress is gaining momentum with every passing day! WordPress breathes on PHP and owes its inception to […]

How to Choose a WordPress Development Agency for Enterprise Companies?

  • March 24, 2017
  • 5 min. read time

A highly functional website with pleasant user experience can help you build your brand and transform your business with a […]

How Virtual Reality and WordPress are Powering the Future of Web Design?

  • March 17, 2017
  • 3 min. read time

We are already in an era wherein virtual reality (VR) is no more a sci-fi dream but a tangible reality. […]

Leave Comment