If your website runs on WordPress; it’s important that you keep reading! There is a chance your website is not running a secure version of the WordPress core.
The latest update of the WordPress core version (4.8.3) is described by the WordPress core team as a Security Release because it fixes an SQL injection vulnerability which can be exploited by malicious hackers.
The WordPress core itself is not directly affected by this vulnerability but any themes or plugins using the $wpdb->prepare() method could unwittingly be left open to malicious hackers and the only way to fix it is to update your WordPress installation to version 4.8.3.
How do I know what version of WordPress my website is using?
Log in to your WordPress dashboard and navigate to Dashboard -> Updates. Near the top of the page you should see a message which will tell you either “You have the latest version of WordPress” or “An updated version of WordPress is available”.
Depending on your dashboard set-up you can also be able to check it from your main Dashboard page, which is the page you land on when you first log in to your website.
Look for the “At a Glance” information box and see if there is a button called Update to 4.8.3.
This button will only display if there is an update available.
Another way to check is to log in to your WordPress site and simply scroll to the bottom of the page where at the very bottom left hand side you will see the “Thank you for creating with WordPress” statement and to the right of that you will see the text saying either “Version 4.8.3” or “Get Version 4.8.3”.
If you see the latter you are not running the latest version and need to update as soon as possible!
Before you click that Update button: Backup!
99.9% of the time updating a website’s WordPress version is a smooth process without any complications, but there are still that 0.1% of cases where something breaks and that’s when you will be glad you made a backup because now your site can be restored and the issue fixed, and then the update can be successfully applied.
If you are unsure about updating either your WordPress core or your WordPress Theme or any Plugins, which should all always be kept up to date, contact your web company for help and advice.
All Purple Panda Media clients under service agreements will automatically have this update applied to their installation, if you are not under a support agreement and would like help applying this update please get in touch.