= phenomenon = WordPress 4.4.1 was released a few weeks ago, following the release of 4.4 a month or two ago. Now that an expected patch version was released for the most recent minor release, it seems like this would be a good time for an update to both WordPress instances.
= implementation recommendation = 1. Back up $SITE 2. Update $SITE
It was shared that WordPress 4.4.2 fixes a [https://www.wordfence.com/blog/2016/02/wordpress-4-4-2-security-update/?utm_source=list&utm_medium=email&utm_campaign=wp442 XSS vulnerability] allowing a user to embed malicious code into site content.
It is predicted that active exploits will begin appearing in the next 24 hours, so the Magazine and CommBlog should probably be updated as soon as possible.
[https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/ Official WordPress 4.4.2 announcement]
This upgrade has been finished on both instances.
Login to comment on this ticket.