Here at Progressum Digital, we take the security of your WordPress website very seriously. That’s why we’re proactively updating all our client websites to the latest WordPress version, 6.5.5, which includes critical security fixes.

Why is this update important?
WordPress 6.5.5 (released 24 June 2024) addresses three security vulnerabilities that could potentially leave your website susceptible to attack. These vulnerabilities include:

  • A cross-site scripting (XSS) vulnerability affecting the HTML API reported by Dennis Snell of the WordPress Core Team, along with Alex Concha and Grzegorz (Greg) Ziółkowski of the WordPress security team.
  • A cross-site scripting (XSS) vulnerability affecting the Template Part block reported independently by Rafie Muhammad of Patchstack and during a third party security audit.
  • Path traversal issue (Windows only): This issue could allow attackers to access files on your website that they shouldn’t be able to see.

These vulnerabilities could allow attackers to inject malicious code into your website, which could then be used to steal user data or redirect visitors to phishing sites. They may also be able to access files on your website that they shouldn ‘t be able to see.

What to expect:
We will be pushing the update to your website automatically over the next 24-48 hours. There’s no need for you to take any action.

For more information:
You can find more details about the WordPress 6.5.5 update on the official WordPress website: [WordPress Documentation on Version 6.5.5]

By staying on top of the latest WordPress updates, we can help ensure that your website is safe and secure. Follow the link to learn more about our WordPress website maintenance services.

If you have any questions or concerns, please don’t hesitate to contact us.