Follow on Google News News By Tag Industry News News By Place Country(s) Industry News
Follow on Google News | What's New in Latest WordPress Version For DevelopersAfter the discovery of a critical Zero-Day exploit in the previous version, it became imperative to fix bugs in the new WordPress 4.2.1 version.
By: CGColors The outcome of this extensive research was WordPress 4.2.2. As a developer, it is important to know what the new version brings to you in terms or changes, performance features and latest elements. Reminiscent of the Zero-Day Exploit, the existing susceptibility leaves your WordPress site open to attacks. This shows that a developer's company's or any client's portal can be hit by a cross-site scripting attack from malicious sources. Although, the flaw in the comment section was fixed efficiently with version 4.2.1, the guys at WordPress somehow ignored the other underlying elements including the popular themes and plugins that were also at risk. Let's focus on the fundamentals of the latest issue. How to Defend Against the Bad Guys The bad guys are always on a lookout to break into the vulnerable websites running on WordPress. By hook or by crook, they will try to achieve their hacking objective of stealing your data and adversely affecting the client's brand image. The 4.2.1 issue offered the Genericons font package. This new package now includes the 'High Dots Per Inch' display that is loved by every developer. However, there is an HTML file in the package contents that can be very easily injected with a script by any unknown source. Such an attack allows hackers to access your website's critical data without a hitch. Robert Abela noticed and raised voice towards this grave problem on the server side. The latest version reduces the risk by preventing these useless examples to be exploited through malicious code injections. HTML file, all themes, plugins and folders in the wp-content directory are thoroughly scanned for the file. Other Fixes In the latest version, the visual editor is more improved in terms of security with regards to XSS attacks. Though, WordPress developers (http://www.cgcolors.com/ There are various non-security related bugs are also addressed in WordPress 4.2.2: In the latest version, Emoji loading errors are fixed in thorough manner. The developers have also improved the performance of a keyboard shortcut for saving from the Visual editor on Mac. The oEmbed for YouTube URLs helps by not expecting HTTPS from the user side. The performance angle of the WordPress while checking for encoding in case of sending strings to MySQL is also improved dramatically. The bugs in reference tables in the dbname.tablename format has been fixed to provide for smooth queries to be processed. The earlier unnecessary memory usage for a regex checking for UTF-8 encoding has been lowered. Developers can alter the wrong index located in the wp_signups table on utf8mb4 conversion Loop detection's performance is improved in _get_term_children() The bug where attachment URLs were being forced to use HTTPS in some contexts is eliminated in this version. Why you need to update WordPress? This is basically the security update and a maintenance release for versions 4.2 and newer. But it is advised that in order to make your WordPress website secure, simply update the version without taking any chances. Why leave your website at risk of attack? We hope this article was helpful in explaining the latest WordPress 4.2.2 update. End
Account Email Address Account Phone Number Disclaimer Report Abuse
|
|