WordPress users can get the latest version (which was released about a week ago) three ways:

1. Download it here to manually upgrade.
2. Initiate the upgrade automatically by clicking the Upgrade link under the Tools menu in your blog’s admin. (v 2.7 or later)
3. Host your website with FireHost, and let us take care of the upgrade for you.

We’re glad to see WordPress take action to help prevent hackers from compromising websites built on the their great platform. Kudos to the WordPress team for helping keep everyone safe.

“Xssed.com lists nearly 13,000 Web pages that hosted cross-site scripting vulnerabilities, including a large number at trusted and high-traffic Web sites such as yahoo.com, google.com, msn.com, myspace.com and facebook.com, and cnn.com.”

Cross-site scripting vulnerabilities can be used to execute sophisticated phishing attacks, so they represent a significant threat to many internet users, including casual and social surfers. Further compounding the problem, only 3% of the 13,000 recorded web pages harboring cross-site scripting vulnerabilities were fixed last year, according to reports from Symantec.

As more and more malicious hackers exploit cross-site scripting vulnerabilities, tens of thousands of websites could be used to prey on millions of internet users.

In fact, as hackers have become adept in cross-site scripting (XSS) exploitation, they have deployed web-based worms against social networks like Twitter. These worms may not have caused significant damage yet, but users still run the risk of being lured into downloading malicious programs masquerading as a fun plug-in or anti-virus software.

At FireHost, we take the threat of cross-site scripting (XSS) exploitations very seriously. As part of our industry-leading secure web hosting environment, we use sophisticated, enterprise application firewalls to help prevent hackers from exploiting the web applications used to execute cross-site scripting attacks.

Start protecting your website, business, and customers by discovering the difference in FireHost’s unrivaled security. Visit FireHost.com and contact a FireHost Agent today.

Consider this example:

Mary frequently visits an online shopping website. One day, hackers use a cross-site scripting attack on the website, embedding malicious code. Mary returns to the website and buys a pair of new shoes, unknowingly passing her confidential information to hackers. Before she realizes what happened, someone has stolen her identity and ruined her credit.

Every business owner has more important things to do than mitigate a very public theft of your customer’s personal data, so make securing your customer data a priority today.

Unfortunately for consumers and businesses, many hosting providers don’t take effective measures to prevent cross-site scripting (XSS) attacks on their clients. If your hosting provider doesn’t address cross-site scripting attacks (XSS) properly, your company’s website could easily fall prey to hackers and expose your customer’s personal information.

Security is the primary focus at FireHost. We pride ourselves on providing industry-leading secure hosting, which includes a WAF to prevent cross-site scripting (XSS). This hardware security device stops hackers from exploiting web applications, securing your website, business, and customers from cross-site scripting (XSS) attacks.

To discover more about our secure hosting and prevention of cross-site scripting (XSS), contact a FireHost Agent today.