It seems just last week, WordPress has updated its platform, but now it has already upgraded its platform into 4.4.2 version, and we guess the update will still continue in order to enhance its performance. The upgraded actually brings many good benefits to its users. If you are web developer who loves to use WordPress as your platform, you better find out this new information as it is predicted that there are many changes made by WordPress.
After reviewing WordPress 4.4.1, now WordPress has released its latest version, which is named WordPress 4.4.2, a security update for all versions which is now available for download, so we strongly encourage you to update your sites immediately. There are several upgrading done in WordPress 4.4.2. Two security issues were identified in WordPress 4.4.1 and earlier, including possible SSRF for certain local URls, and an open redirection attack.
To clarify what is SSRF and open redirect attack is, we will give a little review about it.
SSRF stands for ‘server side request forgery’ and can be deployed by attackers to bypass access controls, such as firewalls, and ultimately crash your system.
While open redirect is a bit more straight forward, it would take a trusted site and redirect visitors to an untrusted site, with the goal to get visitors to land on phishing sites or any other type of malicious site.
Besides, fixing the two major security issues, other repairs are also found in WordPress 4.4.2, such as fixing 17 bugs from the previous version, 4.4 and 4.4.1.
So, if you are interested in having WordPress latest version, you can download WordPress 4.4.2 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.4.2.
If your version of WordPress has not automatically updated, then update it manually. In the end, you need to make sure that you check your themes and plugins for updates as well.