How to Remove Cross-site Scripting Risk

Posted on by J. Mays | Updated:
Category: Security Bulletins, Technical Support, Tutorials | Tags: , , , , ,
Reading Time: < 1 minuteThe popular WordPress plugin WP Super Cache has been found to have a cross-site scripting (XSS) vulnerability in versions prior to 1.4.4. On sites with outdated versions, it is possible for an attacker to take complete control of the WordPress site. Please note: this vulnerability only affects users which have installed WP Super Cache. However, if you are unsure if you use the plugin or not you should still take precautions to protect your site. Thankfully, this is vulnerability is simple to address; version 1.4.4, available now, contains a patch.
This tutorial is very similar to our tutorial on updating any WordPress plugin: How To Update a WordPress Plugin
Step 1: Login to WordPress as Administrator
Hopefully, you’re already well-versed in logging into your WordPress site as an administrator!
Step 2: Access Updates
If there is an update for a plugin or a theme, then you’ll likely have a number in the top bar and next to Updates as shown below (the number 5). Click on Updates!
How To Update a WordPress Plugin - 01
Step 3: Update the Plugins
Check the boxes of the plugins you’d like to updated and click on Update Plugins: How To Update a WordPress Plugin And at the end of the update process you should receive something similar to, All updates have been completed. How To Update a WordPress Plugin
Step 4: Verify the Update
If you want to be absolutely sure your version is updated, you can click on Plugins and then verify that WP Super Cache is at least version 1.4.4 How To Update a WordPress Plugin For further reading, the following links Cross Site Scripting and WP Super Cache can be consulted for more information.

Related Articles:

Refer a friend and get hosting credit!