We have a new security update for website’s developed in WordPress, updating it to version 3.9.2.
- Fixes a possible denial of service issue in PHP’s XML processing.
- Fixes a possible but unlikely code execution when processing widgets.
- Prevents information disclosure via XML entity attacks in the external GetID3 library.
- Adds protections against brute attacks against CSRF tokens.
- Contains some additional security hardening, like preventing cross-site scripting that could be triggered only by administrators.
We recommend contacting us to ensure that your WordPress website is fully updated and secured.