Article ID: 125273, created on Apr 23, 2015, last review on Apr 26, 2015

  • Applies to:
  • Plesk Automation

Information

WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. For details please check original post on Wordpress blog.

Resolution

Update Wordpress installation to version 4.1.2 or later:

  1. If Wordpress is installed as an APS application, go to Wesites > domain_name > Open in control panel > Applications > Manage My Applications and click on "Update avaliable" button, see screenshot:

**Note:** New version availability is being checked by daily Maintenance Script in PPA. If you still does not see **"Update avaliable"** button please wait for Daily Maintenance script or run the following two commands from the Management Node:

    #/usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateApsCache

    #/usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateApsApplications
  1. If Wordpress is installed not through APS application vault, but manually, follow Wordpress upgrade guide.

Search Words

WordPress 4.1.2 Security Release

wordpress security

wordpress security

e0aff7830fa22f92062ee4db78133079 caea8340e2d186a540518d08602aa065

Email subscription for changes to this article
Save as PDF