As you may be aware, if you are not, then too bad, a few weeks ago, WordPress rolled out an update (4.9.3 Maintenance Release) that had a vulnerability flaw. That didn’t last long though as it was fixed within hours and a patch (4.9.4) was released.
As mentioned by WordPress in their blog, the 4.9.4 release of WordPress “will cause sites that support automatic background updates to fail to update automatically, and will require action from you (or your host) for it to be updated to 4.9.4.” 
Why is the 4.9.4 release so important?
4.9.4 Maintenance Release allows your website or blog to receive automatic security updates without any intervention from you. If you don’t update your website or blog to 4.9.4 Maintenance Release, this means that your website will be vulnerable to new security patches when they are released.
Updating to WordPress 4.9.4 doesn’t really require much of your effort, here are several ways you can update your WordPress site to receive continuous updates.
- Log into your WordPress Administration area and under Dashboard > Updates, click “Update now.”
- If you have command line access, you can use WP-CLI and run wp core update and it will take care of everything for you.
- You can manually use sFTP to download the latest version from WordPress.org and use sFTP to upload it to your site. (Make sure you do not overwrite your wpconfig file or your /wp-content folder.)
Please also note, for those customers whose websites were developed by us, we take care of the updates and therefore you do not need to take any action.
You may also need SSL Certificate to tighten your site security. Check here . XyPNET is the only website hosting company that offers SSL certificates in Zambia at the moment and we are ridiculously cheap.