A new WordPress security update 4.4.1 was announced yesterday. The latest version fixes a cross-site scripting vulnerability that allows a site to be compromised as well as some minor issues.

All WordPress sites at SiteGround with enabled autoupdate service have been updated to the new version 4.4.1 last night and are safe and sound. For all WordPress sites that do not have the autoupdate option on, we have applied a rule in our WAF (web application firewall) that will block possible hacking attempts. As our firewall rule is not covering all possible hack scenarios, we are additionally patching WordPress sites on versions 3.7 to 4.4 at a website level.

Regardless of the security shields we have placed, we still recommend all websites that have not been autoupdated to upgrade to the newest version 4.4.1 or to the latest version within their current branch as soon as possible.

Thanks!

Please check your email to confirm your subscription.

Sign Up For More Awesome Content!

Sign up for our newsletters with the latest content and offer updates. You can unsubscribe at any time.

Name—Error message—

Email—Error message—

I agree to subscribe and I accept SiteGround Privacy Policy.

—Error message—

Subscribe

—Error message—

Google reCAPTCHA used. Privacy Policy and Terms of Service apply

var blog_subscribing_started = false;
var blog_subscribing_rendered = false;
var formSubmitBtn = $(‘form.subscribe-form’).find(‘.btn-submit’);
$(document).ready(function(ev) {
formSubmitBtn.on(‘click’, function(ev) {
ev.preventDefault();
let form = $(this).closest(‘.subscribe-form’);
if (blog_subscribing_started || $(this).hasClass(‘btn-disabled’)) {
return;
}

blog_subscribing_started = true;
blog_subscription_hide_errors(form);

grecaptcha.ready(function() {
grecaptcha.execute(r3k, {action: ‘submit’}).then(function(token) {
document.querySelectorAll(‘#rt3’).forEach(function(e) { e.value = token; })
blog_subscription_send_form(form);
});
});

});

})

function renderRecaptcha2(form) {
if (!$(‘#recaptcha2_challenge’).length) {
let verifyCallback = function(response) {
document.querySelectorAll(‘#rt2’).forEach(function(e) { e.value = token; })
};
$(‘