It’s bad news when you try to sort out a problem and the solution just makes matters worse. WordPress, the world’s most popular CMS and supporter of 60 million websites (28% of the total number), now knows this only too well.
Back in September, WordPress issued a fix to rectify a security vulnerability that potentially laid exposed websites wide open to attack via a Structured Query Language (SQL) injection bug. Unfortunately, far from resolving the issue, the patch made the vulnerability worse and also damaged a number of WordPress plugins; causing major problems for developers. WordPress versions 4.8.2 and earlier were left vulnerable to this bug.
Security researcher Anthony Ferrara spotted the glitch in the patch. After lengthy communication with WordPress, the CMS provider took his advice and issued a new fix that appears to have finally resolved the problem.