WordPress, the ever-popular CMS, has announced its automatic update function is broken in version 4.9.3. Unless you manually update it to the newest version this time, your website won’t be receiving any further updates, leaving you exposed to a myriad of cybersecurity exploits.
Did you know that 29 per cent of all websites use WordPress as their primary CMS? This makes it lucrative for cybercriminals to develop a way to break their way inside and cause various sorts of mayhem. As of now, numerous organisations who use it are in trouble, so updating to the newest version must become a priority, as the bug that affected automatic updates has already been patched in the updated version.
Three ways to update your WordPress installation:
- Navigate to the WordPress administration area where you usually install updates from, then click the ‘update now’ button manually. This is by far the easiest method.
- Via FTP. Some people prefer to update their websites this way, and that’s fine. Simply download the latest ZIP package from WordPress’s official website and upload it to your website through FTP.
- Via PHP. If you have command access to your website, run the wp_maybe_auto_update() function.
- With WP-CLI. If you have it installed and you also have command access to your WordPress installation, the wp core update will take care of the updates.
An important lesson to be learned
While it’s easy to become complacent about cybersecurity by placing your trust in the CMS developers, at the end of the day, they’re only people and can easily make mistakes. The best defence remains constant vigilance.