Article ID: 125271, created on Apr 23, 2015, last review on Jun 17, 2016

  • Applies to:
  • Plesk


WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. For details please check original post on Wordpress blog.


Update Wordpress installation to version 4.1.2 or later:

  1. If Wordpress is installed as an Plesk application, go to Subscriptions > domain_name > Applications > Manage My Applications and click on "Update avaliable" button, see screenshot:

 **Note:** New version availability is being checked by daily Maintenance Script in Plesk. If you still does not see **"Update avaliable"** button please wait for Daily Maintenance script or run the following two commands:

    #/usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateApsCache

    #/usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateApsApplications
  1. If Wordpress is installed not through Plesk application vault, but manually, follow Wordpress upgrade guide.

Search Words

WordPress 4.1.2 Security Release

4.1.2 release

wordpress security

a914db3fdc7a53ddcfd1b2db8f5a1b9c 56797cefb1efc9130f7c48a7d1db0f0c

Email subscription for changes to this article
Save as PDF