WordPress is the most commonly used CMS (Content Management System) which is used by around 40% of all websites worldwide. Since this is an open-source application, codes are visible to everyone. In 2017, a severe content injection happened which has caused WordPress sites with the versions 4.7.0 and 4.7.1 to become vulnerable. This vulnerability allowed unauthenticated users to modify any post or page within a WordPress site.
Read more about Content Injection Vulnerability in WordPress 4.7.0 and 4.7.1.
What to do?
- Update your WordPress website to the newest version. WordPress developers have released newer versions of WordPress that contains the fix for vulnerabilities that happened in 2017.
- If you are just about to install your WordPress site, make sure to select auto upgrade/update version. This option can be found under Advanced Options if installing via Softaculous Apps Installer.
- For WordPress websites that are installed in Softaculous Apps Installer, enable the auto upgrade option via cPanel.
- Protect your website from vulnerabilities by taking advantage of Vodien’s WebGuard plans.
This is one of the reasons why WordPress always releases a new version. The updates are made to make WordPress websites more secure.