{"id":8790,"date":"2015-04-27T09:50:19","date_gmt":"2015-04-27T14:50:19","guid":{"rendered":"https:\/\/wpengine.com\/?p=8790"},"modified":"2015-04-27T09:51:33","modified_gmt":"2015-04-27T14:51:33","slug":"all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability","status":"publish","type":"post","link":"https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/","title":{"rendered":"All WP Engine Customers Are Safe From The WordPress 4.2 Comment XSS Vulnerability"},"content":{"rendered":"<p>At WP Engine, we take the security of your sites very seriously, and we strive to proactively keep you aware of any potential issues or vulnerabilities that could impact the sites you entrust to us.<\/p>\n<p>A vulnerability was announced yesterday that impacted all WordPress sites across the world. If exploited, this vulnerability would allow malicious users to store JavaScript code which then could be used to obtain the credentials of anyone who visits the page. This <a href=\"http:\/\/www.forbes.com\/sites\/thomasbrewster\/2015\/04\/27\/wordpress-zero-day-exploits\/\">Forbes<\/a> article discusses the vulnerability in more detail.<\/p>\n<p>Here at WP Engine, our Security Engineers immediately sprang into action and had placed a patch on our environment within three hours of the vulnerability being announced yesterday. This means that all WP Engine customers are safe and not vulnerable to this issue. You do not need to take any mitigation steps such as turning off comments, or wait for a WordPress update to ensure you are secure.<\/p>\n<p>We\u2019re proud to continue to fulfill our commitment to our customers by ensuring your sites are safe and secure.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>At WP Engine, we take the security of your sites very seriously, and we strive to proactively keep you aware of any potential issues or vulnerabilities that could impact the sites you entrust to us. A vulnerability was announced yesterday that impacted all WordPress sites across the world. If exploited, this vulnerability would allow malicious<span class=\"tile__ellipses\">&hellip;<\/span><span class=\"tile__ellipses--animated\"><\/span><\/p>\n","protected":false},"author":37,"featured_media":8792,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[85],"tags":[13,37],"class_list":["post-8790","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-2","tag-security","tag-wordpress-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>All WP Engine Customers Are Safe From The WordPress 4.2 Comment XSS Vulnerability | WP Engine<\/title>\n<meta name=\"description\" content=\"All WP Engine customers are safe from the WordPress 4.2 Comment XSS vulnerability.\" \/>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"All WP Engine Customers Are Safe From The WordPress 4.2 Comment XSS Vulnerability | WP Engine\" \/>\n<meta property=\"og:description\" content=\"All WP Engine customers are safe from the WordPress 4.2 Comment XSS vulnerability.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/\" \/>\n<meta property=\"og:site_name\" content=\"WP Engine\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/wpengine\" \/>\n<meta property=\"article:published_time\" content=\"2015-04-27T14:50:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2015-04-27T14:51:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/wpengine.com\/case-studies\/wp-content\/uploads\/2015\/04\/security-shield.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1102\" \/>\n\t<meta property=\"og:image:height\" content=\"461\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Dustin Meza\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@dustinmeza\" \/>\n<meta name=\"twitter:site\" content=\"@wpengine\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dustin Meza\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/\",\"url\":\"https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/\",\"name\":\"All WP Engine Customers Are Safe From The WordPress 4.2 Comment XSS Vulnerability | WP Engine\",\"isPartOf\":{\"@id\":\"https:\/\/wpengine.com\/case-studies\/#website\"},\"datePublished\":\"2015-04-27T14:50:19+00:00\",\"dateModified\":\"2015-04-27T14:51:33+00:00\",\"author\":{\"@id\":\"https:\/\/wpengine.com\/case-studies\/#\/schema\/person\/b0fad0bc1f84e257b9766dd6ad83090f\"},\"description\":\"All WP Engine customers are safe from the WordPress 4.2 Comment XSS vulnerability.\",\"breadcrumb\":{\"@id\":\"https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/wpengine.com\/case-studies\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"All WP Engine Customers Are Safe From The WordPress 4.2 Comment XSS Vulnerability\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/wpengine.com\/case-studies\/#website\",\"url\":\"https:\/\/wpengine.com\/case-studies\/\",\"name\":\"WP Engine\",\"description\":\"Managed Hosting for WordPress\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/wpengine.com\/case-studies\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/wpengine.com\/case-studies\/#\/schema\/person\/b0fad0bc1f84e257b9766dd6ad83090f\",\"name\":\"Dustin Meza\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/wpengine.com\/case-studies\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/31ab5fbff27b09e6eaecd8207bea0536fb527eb741f54c34ba2778eb332992ed?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/31ab5fbff27b09e6eaecd8207bea0536fb527eb741f54c34ba2778eb332992ed?s=96&d=mm&r=g\",\"caption\":\"Dustin Meza\"},\"description\":\"Dustin Meza works as the Senior Manager of Customer Experience Operations. His passion is seen everyday in making our Support teams and Customer Experience better. In his spare time he loves sports and enjoying the Austin Outdoor Life to it's fullest with his wife and dog, Maddy.\",\"sameAs\":[\"www.linkedin.com\/in\/dustinmeza\",\"https:\/\/twitter.com\/dustinmeza\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"All WP Engine Customers Are Safe From The WordPress 4.2 Comment XSS Vulnerability | WP Engine","description":"All WP Engine customers are safe from the WordPress 4.2 Comment XSS vulnerability.","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"All WP Engine Customers Are Safe From The WordPress 4.2 Comment XSS Vulnerability | WP Engine","og_description":"All WP Engine customers are safe from the WordPress 4.2 Comment XSS vulnerability.","og_url":"https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/","og_site_name":"WP Engine","article_publisher":"https:\/\/www.facebook.com\/wpengine","article_published_time":"2015-04-27T14:50:19+00:00","article_modified_time":"2015-04-27T14:51:33+00:00","og_image":[{"width":1102,"height":461,"url":"https:\/\/wpengine.com\/case-studies\/wp-content\/uploads\/2015\/04\/security-shield.png","type":"image\/png"}],"author":"Dustin Meza","twitter_card":"summary_large_image","twitter_creator":"@dustinmeza","twitter_site":"@wpengine","twitter_misc":{"Written by":"Dustin Meza","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/","url":"https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/","name":"All WP Engine Customers Are Safe From The WordPress 4.2 Comment XSS Vulnerability | WP Engine","isPartOf":{"@id":"https:\/\/wpengine.com\/case-studies\/#website"},"datePublished":"2015-04-27T14:50:19+00:00","dateModified":"2015-04-27T14:51:33+00:00","author":{"@id":"https:\/\/wpengine.com\/case-studies\/#\/schema\/person\/b0fad0bc1f84e257b9766dd6ad83090f"},"description":"All WP Engine customers are safe from the WordPress 4.2 Comment XSS vulnerability.","breadcrumb":{"@id":"https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/wpengine.com\/case-studies\/all-wp-engine-customers-are-safe-from-the-wordpress-4-2-comment-xss-vulnerability\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/wpengine.com\/case-studies\/"},{"@type":"ListItem","position":2,"name":"All WP Engine Customers Are Safe From The WordPress 4.2 Comment XSS Vulnerability"}]},{"@type":"WebSite","@id":"https:\/\/wpengine.com\/case-studies\/#website","url":"https:\/\/wpengine.com\/case-studies\/","name":"WP Engine","description":"Managed Hosting for WordPress","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/wpengine.com\/case-studies\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/wpengine.com\/case-studies\/#\/schema\/person\/b0fad0bc1f84e257b9766dd6ad83090f","name":"Dustin Meza","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/wpengine.com\/case-studies\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/31ab5fbff27b09e6eaecd8207bea0536fb527eb741f54c34ba2778eb332992ed?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/31ab5fbff27b09e6eaecd8207bea0536fb527eb741f54c34ba2778eb332992ed?s=96&d=mm&r=g","caption":"Dustin Meza"},"description":"Dustin Meza works as the Senior Manager of Customer Experience Operations. His passion is seen everyday in making our Support teams and Customer Experience better. In his spare time he loves sports and enjoying the Austin Outdoor Life to it's fullest with his wife and dog, Maddy.","sameAs":["www.linkedin.com\/in\/dustinmeza","https:\/\/twitter.com\/dustinmeza"]}]}},"acf":[],"_links":{"self":[{"href":"https:\/\/wpengine.com\/case-studies\/wp-json\/wp\/v2\/posts\/8790","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wpengine.com\/case-studies\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wpengine.com\/case-studies\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wpengine.com\/case-studies\/wp-json\/wp\/v2\/users\/37"}],"replies":[{"embeddable":true,"href":"https:\/\/wpengine.com\/case-studies\/wp-json\/wp\/v2\/comments?post=8790"}],"version-history":[{"count":0,"href":"https:\/\/wpengine.com\/case-studies\/wp-json\/wp\/v2\/posts\/8790\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wpengine.com\/case-studies\/wp-json\/wp\/v2\/media\/8792"}],"wp:attachment":[{"href":"https:\/\/wpengine.com\/case-studies\/wp-json\/wp\/v2\/media?parent=8790"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wpengine.com\/case-studies\/wp-json\/wp\/v2\/categories?post=8790"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wpengine.com\/case-studies\/wp-json\/wp\/v2\/tags?post=8790"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}