ESC! Tech News
We want to help ensure it’s the best it can be.
Updates of Note: July 2025
In addition to the regular feature and product patches typically released, there were a few updates of note last month that may be applicable to your site including: WordPress 6.8.2 was released in mid-July and installed on your site shortly after. This minor update...
Older Posts
WordPress Security: WordPress 4.2.4 Released, Patches Critical Security Issue
WordPress 4.2.4 was released today to patch three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site. WordPress versions 4.2.3 and earlier are affected by these flaws and, if you’ve not yet done so, you should...
WordPress Security: WordPress 4.2.3 Released to Address Critical Security Issue
WordPress 4.2.3 was released today to patch a critical cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site. WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability. If...
WordPress Security: WooCommerce Vulnerability
WordPress Plugins A serious vulnerability has been discovered in the extremely popular e-commerce plugin for WordPress, "WooCommerce". If left unpatched, a WordPress installation utilizing version 2.3.5 or earlier could be vulnerable to a SQL injection attack that...
WordPress Security: WordPress SEO by Yoast Vulnerability
WordPress Plugins A serious vulnerability has been discovered in the WordPress plugin "WordPress SEO by Yoast". If left unpatched, a WordPress installation utilizing version 1.7.3 or earlier (see all patched versions below) could be vulnerable to a SQL injection...
WordPress Security: MainWP Child Vulnerability
WordPress Plugins A privilege escalation vulnerability has been discovered in the WordPress plugin "MainWP Child". MainWP Child is a plugin that works in conjunction with the WordPress management plugin, MainWP, to allow remote administration of WordPress-based...
WordPress Security: Zero-Day Vulnerability in “FancyBox for WordPress”
WordPress Plugins A zero-day vulnerability has been discovered in the WordPress plugin "Fancy Box for WordPress". If left unpatched, a WordPress installation utilizing version 3.0.3 or earlier could allow an attacker to install malware or other malicious content on...
Tech!Alert: Zero-Day Vulnerability Discovered in Adobe Flash Player
Adobe released a critical update to its Flash Player plugin version 16.0.0.296 and earlier that patches a zero-day vulnerability which could allow an attacker to take control of an affected system.
Adobe released a patch for the flaw on February 4th which will be sent to all desktop installs of Flash Player that have auto-update enabled and they expect to release a manually installable update no later than February 5th.
WordPress 4.1 “Dinah” Released!
Named for Jazz Singer, Dinah Washington, WordPress 4.1 was released today and brings with it a number of features focused specifically on the writing experience. All ESC! Technologies Group clients who subscribe to one of our WordPress Maintenance plans will be...
WordPress Security: Slider Revolution *update*
WordPress Plugins Another round of warnings have been issued by blogs and hosting companies alike about the Slider Revolution plugin by ThemePunch. Mostly, these new warnings are simply a reminder to those who didn't heed the alerts issued in September that they'd...
WordPress Security: WordPress 4.0.1 Critical Security Patch Released
WordPress 4.0.1 was released today to patch a critical cross-site scripting vulnerability, which could enable anonymous users to compromise your site. WordPress versions 3.9.2 and earlier are affected. If you've not yet done so, you should back up your site &...