The WordPress core team has released a new security and maintenance update, version WordPress 4.9.2 that fixes a major security problem and fixes up to 21 bugs from the previous version.
This is a minor and automatic update, unless you have automatic background updates disabled. WordPress, if you have not modified anything, will update itself and will send you an email informing you of this update.
The security bug affects all versions from 3.7 to 4.9.1 so it is important that you update to the most stable and secure version.
The problem is that there is a vulnerability in the Flash files in the MediaElement library. As WordPress has not used these files for several versions, what this update does is eliminate them from your installation, since they do not exist, the vulnerability disappears.
In any case, the MediaElement developers have developed a patch to solve this problem and the plugin update (if you use it) is available in the official WordPress repository.
But in terms of security, the thing does not stop there, if you are a user of Elegant Themes products, you should know that its developer has launched a general update that affects all its themes and plugins including the well-known DIVI, so we advise you to update as soon as possible, the company has launched a circular to explain and inform how the problem is solved, related to password-protected posts, today we will tell you live.
Likewise, the popular WordPress theme Enfold has released a maintenance and security update, which allows a malicious user to download the adjustments made and rewrite the portfolio’s permalink structure, as well as the correction of various bugs. As the author Kriesi informs us, this is one of the updates in a series to correct errors and improve this popular theme, but for the moment it is best to update the theme to its latest stable and secure version 4.2.1.
Continuing with security, if you are a user of the popular WooCommerce plugin, YITH WooCommerce Wishlist, you must update to version 2.2.0 to correct a SQL injection vulnerability, this is a very severe vulnerability, so it is very important that you update .
Today, January 18, 2018, at 7:00 p.m. Spanish time, Antonio Postigo @hoystreaming and Pedro Santos @hostfusion, we will tell you all the details about these important security news and how you can solve them.
You can follow the program live and participate actively with your comments in this same post.
WordPress News in Spanish, every Tuesday and Thursday, at 7:00 p.m. live, with Antonio Postigo @hoystreaming and Pedro Santos @hostfusion
All the videos from previous programs are available in the WordPress News section in Spanish and also in our Podcast.
An original idea of Host-Fusion.Com your provider hosting para WordPress trustworthy and HoyStreaming.comYour digital window to the world.
And don’t miss the #SALES at Host-Fusion until January 31, 2018, 25% discount in all our plans Hosting para WordPress using code HF25