How to Prevent Being Hacked by the Cross-site Scripting Vulnerability in WP Super Cache ?

Please note: this vulnerability only affects users which have installed WP Super Cache. However, if you are unsure if you use the plugin or not you should still take precautions to protect your site.

Thankfully, this is vulnerability is simple to address; version 1.4.4, available now, contains a patch.

 

Hopefully, you’re already well-versed in logging into your WordPress site as an administrator!

If there is an update for a plugin or a theme, then you’ll likely have a number in the top bar and next to Updates as shown below (the number 5). Click on Updates!

Check the boxes of the plugins you’d like to updated and click on Update Plugins:

And at the end of the update process you should receive something similar to, All updates have been completed.

If you want to be absolutely sure your version is updated, you can click on Plugins and then verify that WP Super Cache is at least version 1.4.4

For further reading, the following links can be consulted:

• https://www.us-cert.gov/ncas/current-activity/2015/04/09/WP-Super-Cache-Cross-Site-Scripting-XSS-Vulnerability
• https://wordpress.org/plugins/wp-super-cache/developers/