When your content management system powers more than 25 percent of the Internet, you can be reasonably confident of two things. The first is that there will always be somebody, and probably several somebodies, trying to break it. The second is that there will be hell to pay if they succeed.
For these reasons, webmasters can be confident that anything built on WordPress is about as robust as you can get, and WordPress is aiming to keep it that way with the recent release of Version 4.8.2.
The system of choice
WordPress has become the default tool of choice for sites large and small, private and commercial. It is free, it is easy to use and there are a wide choice of WordPress hosting options available, either shared or managed. Bearing all that in mind, it is easy to see why very few people see any reason to even consider looking elsewhere.
The latest update
WordPress announced the release of Version 4.8.2 on 19 September. The latest version addresses a number of security issues and vulnerabilities, the most important of which is a flaw found in $wpdb->prepare(), which had the potential to create unexpected and unsafe queries, potentially leading to a SQL injection. WordPress reassured users that the WordPress core itself is not vulnerable to this problem, but that certain plugins and themes could be, and this is what has been addressed.
The other significant fix concerned the vulnerability to a widget called Display Widgets, which had been widely reported in the press as having installed backdoors on as many as 200,000 websites. It is worth stressing that this vulnerability is now closed, and the perpetrator has been identified.
Other issues that were addressed in the update included two path traversal vulnerabilities that had been identified in the customizer and the file unzipping code, along with an open redirect that was uncovered.
What do you have to do?
WordPress has confirmed in its press release that anyone running older versions should update to Version 4.8.2 immediately, in order to enjoy the best security and a smoothly running website. If you’re new to the platform, then take advantage of coupons and deals for WordPress, but make sure that when you install the operating system, that you take it up to 4.8.2 from the start. With more than 300 million WordPress sites around the world, there will be a whole lot of updating going on over the coming days!