WP Tavern reports of a new XSS Exploit vulnerability in the latest WordPress 4.2, 4.12, 4.11 releases. See the post here.
Cap Web WPcare customer sites have been temporarily patched to disable the attack capability. To do this we temporarily disabled comments in the meantime until the patch has been issued by the WordPress security team.
If you have Akismet activated on your site, you are already protected.
Once the patch is released Cap Web WPcare customer sites will be updated to the latest version of WordPress. This will accelerate the schedule of the update roll-out but this security flaw is something that should not be ignored.
Please contact our support desk if you have any questions.
