Skip to main content

WordPress fixes huge security vulnerability, all users instructed to update

wordpress vulnerability version 472 plug in
INBJ / 123RF
A serious zero-day vulnerability has been discovered in WordPress, and fixed as of its most recent stable release. All WordPress users are encouraged to make sure that they have updated their installation to version 4.7.2, as otherwise their site could be hijacked.

It’s thought that the exploit could give attackers the ability to modify the content on any post or page that’s part of a site built with WordPress, as per a report from Tripwire. Obviously, this lends itself to garden variety vandalism, but there’s also the threat of a much more troubling form of attack.

The vulnerability could be used to introduce harmful links into otherwise benign content. These links could take users to sites that install malicious software on their computers, or even be utilized as one element of a larger phishing scam, using the WordPress site as cover.

The problem was discovered by researchers at security firm Sucuri, which notified WordPress on January 20. The vulnerability was kept quiet at the time, because a fix had to be developed, and making the issue public could potentially have allowed malicious entities to take advantage.

Major WordPress hosting services and security companies were notified about the vulnerability ahead of its existence being disclosed to the public. Data from these organizations showed no indication that attackers had been able to exploit the issue.

However, now that the problem has been made public, it’s possible that criminal entities could use the vulnerability to target WordPress installations that aren’t up to date. Version 4.7.2 has been available since January 26, but users that don’t have automatic updates activated will need to initiate the process manually.

That means that if you have a WordPress site set up that you haven’t looked at in a while, it’s time to make sure it’s running version 4.7.2. It only takes a moment to check that you’re up to date — but if hackers manage to exploit this vulnerability on your site, you’re in for a much bigger headache.

Editors' Recommendations

Brad Jones
Former Digital Trends Contributor
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
Best color laser printers for 2024: tested and reviewed
A Brother printer on a counter in front of a brick wall.

The best color laser printers can be a great investment, saving you quite a bit of time and money. For shoppers worried about the long-term ink costs, you'll find color laser printers surprisingly affordable. Laser printers use toner, which lasts a very long time, delivering a low cost per page for monochrome documents and fast color prints. The best color laser printers offer quick performance and reliability to help keep your home office or small business productive.

If you need to scan documents for record-keeping and photo capture or want the convenience of a color copier, an all-in-one color laser printer is an essential tool for your small business or personal use. For a small added cost, you get expanded capabilities. That's why every model on this list is an all-in-one from the best printer brands.

Read more
The 5 best Wi-Fi adapters for PC in 2024
The Ugreen AC1300 Wi-Fi adapter in a desktop PC.

Whether you're designing it yourself or getting a pre-built PC, it can be easy to get a computer and realize that it doesn't have a native Wi-Fi adapter. Or, maybe it does, but you're internet speeds are getting faster, game downloads are getting bigger, you've already upgraded your router and need an adapter to match your newfound power requirements. No matter the situation, an external Wi-Fi adapter that you can add to your PC setup or even laptop setup will be worth your time. Here, we investigate the best Wi-Fi adapters for PC use. Most are incredibly affordable and just snap into a free USB port and start working.
The best Wi-Fi adapter for PC in 2024

Buy the

Read more
How to pin a website to the taskbar in Windows
A man sits, using a laptop running the Windows 11 operating system.

Windows includes many interesting tools, but if you’re like many people, more and more of your digital life is happening in your web browser and nowhere else. That being the case, you’ll want to keep your most important websites close at hand. The easiest way to access them in Windows is the Start menu and the taskbar, treating them more or less like programs in and of themselves.

Although easy overall, getting a website from your browser to your taskbar is slightly different depending on which browser you’re using.

Read more