WordPress regularly releases security patches – they released four high-severity vulnerability patches in early 2022 to stop attackers exploiting vulnerabilities and taking control of sites (SQL injection, object injection, and stored cross site scripting).
Most WordPress sites have automatic short-cycle core updates, and would have been automatically patched… but it’s conceivable that some websites have this disabled.
As a general rule, we recommend:
- automatic short-cycle WordPress core updates (this is vital nowadays); and
- against automatic major WordPress core updates;
- against automatic updates of plugins;
- regular WordPress maintenance.
If you’re unsure, then contact your web developer ASAP to prevent current and future exploits.
WordPress maintenance doesn’t guarantee that your site won’t have problems… but it does reduce the chance of problems and improve recovery speed. Please contact us or call 3366 8166 to discuss your needs.