WordPress 4.0: end of security updates and support

imgAlt

It's official; starting on December 1st 2022, the security team will no longer offer security updates and support for WordPress 3.7 to 4.0. In the meantime, here is a reminder of a few notable improvements made to the CMS in this series' final version by the publisher.

 

Why such a decision from the WordPress editor?

WordPress 4.0 and all releases from version 3.7 onwards will no longer have security support. The reasons for this are clear, the editor wants the WordPress development team to focus on updating the latest versions without having to keep older versions up to date. Indeed, the decision to stop supporting certain versions is based on the very low percentage of WordPress 4.0 websites, as counted by the publisher's statistics page: 0.2%!

An announcement was made to that effect: 

Officially, WordPress only offers support for the most recent version of the software (...). The security team has historically made it a habit to retroactively apply security corrections through email to websites using older versions in the hopes that the websites will be automatically updated (...). These historical court cases have up to this point included every WordPress version that supports automatic updates.

WordPress versions 3.7 through 4.0 have reached levels of usage, or less than 1% of all installations, where the benefit of providing these updates is outweighed by the effort required (...). Because more time will be devoted to meeting their needs, the newer versions of WordPress will be safer as support for the older ones is discontinued.

 

What are the evolutions brought by WordPress 4.0?

This has not prevented the editor from making significant improvements to three major aspects of the CMS: the multimedia library, video and content management.
 

The multimedia library

WordPress version 4.0 allows users to explore their uploads in an unlimited grid. With the preview mode, it is possible to access details, view and edit media files in order.
 

Better integration of videos 

The latest version of WordPress 4.0 allows you to view video files directly in the editor. The manipulation is simple: just paste the link of a YouTube or Twitter video and the content will appear directly on the screen.
 

Better content management

This new version of WordPress 4.0 has a content area that can automatically adjust to the content that is added! Therefore, there is less need to manually enlarge this space. All of this while having access to formatting tools, resulting in a considerable time savings.
 

WordPress' security in figures

Here are some figures to illustrate the level of security offered by WordPress to its users: 

  • Wordfence blocked 18.5 billion password attack requests on WordPress websites in the first half of 2021. (Wordfence, 2021)
     
  • The Wordfence web application firewall blocked 4 billion requests from blocked IPs and attackers attempting to exploit vulnerabilities in the first half of 2021. (Wordfence, 2021)
     
  • WPScan recorded 602 new vulnerabilities in WordPress plugins, themes and core in the first half of 2021. (Wordfence, 2021)
     
  • WPScan recorded over 550 vulnerabilities in plugins in the first half of 2021. (Wordfence, 2021)
     
  • WPScan recorded 47 theme vulnerabilities in the first half of 2021. (Wordfence, 2021)
     
  • About 90% of WordPress vulnerabilities are plugin vulnerabilities. 6% are theme vulnerabilities and 4% are core software vulnerabilities.
     
  • Cross-Site Scripting (XSS) vulnerabilities accounted for 52% of plugin vulnerabilities in the first half of 2021. (Wordfence, 2021)

 

Should I upgrade to a new version of WordPress

Faced with this cessation of security support and updates for WordPress 4.0, it is normal to wonder if it is worth keeping this version of the CMS or upgrading it.

First of all, our WordPress agency reminds you of the many advantages of choosing this CMS for web development: 

  • WordPress is a customizable CMS;
     
  • It is easy to use (Back office, add content, upload photos, track comments, etc.);
     
  • WordPress is supported by a huge community of followers;
     
  • It is designed to facilitate SEO.
     

To answer the question about upgrading, it is important to proceed if the version of WordPress already installed is more than two or three major versions old.

Again, it's important to work gradually, so don't go straight to the latest version of WordPress. WordPress expert, Esokia tells you more about WordPress 5!
 

Blog

See all blog posts