The latest security update followed the discovery of a cross-site scripting vulnerability that can leave earlier versions without the security bloggers need.
Update 3.0.4 is described by founder and developer Matt Mullenweg as ‘critical,’ affecting the core HTML sanitation library KSES – which, ironically, exists to strip potentially dangerous code out from posts and comments in order to keep the blog secure.
“I realise an update during the holidays is no fun,” Mullenweg explains, “but this one is worth putting down the eggnog for” due to the far-reaching nature of the security bug, which can be exploited to allow remote attackers full access to the blog and even the underlying server platform.
The flaw, which Mullenweg describes as “a very important update to apply to your wordpress sites as soon as possible because it fixes a core security bug,” upgrades the popular blogging platform to version 3.0.4 – and if you’re running an earlier version, it’s time to log in to the Dashboard and upgrade, because this WordPress update is Critical to your blog security.
Security and Backup
BackupBuddy– This premium backup plugin was created by iThemes, a well-respected development team.
The plugin automatically backs up your WP site to prevent any data or content loss in cases of server failure or security breaches.
- Effortless setup
- Backup of database, plugins, themes, all other files
- Restore you WP site
- Migrate your WordPress site
- Custom importer script for easy restoration
- Incremental backups
- Backup either daily, weekly, bi-monthly, monthly
- Store backup files via email or FTP
- Automatic plugin updates
No other WordPress Plugin performs a Full Backup of all your Files, Databases, Uploads, Plugins and SEO Settings.Subscribe via e-mail