Information

WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. For details please check original post on Wordpress blog.

Resolution

Update Wordpress installation to version 4.1.2 or later:

  1. If Wordpress is installed as an APS application, go to Wesites > domain_name > Open in control panel > Applications > Manage My Applications and click on "Update avaliable" button, see screenshot:

**Note:** New version availability is being checked by daily Maintenance Script in PPA. If you still does not see **"Update avaliable"** button please wait for Daily Maintenance script or run the following two commands from the Management Node:

    #/usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateApsCache

    #/usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateApsApplications
  1. If Wordpress is installed not through APS application vault, but manually, follow Wordpress upgrade guide.

Internal content