A new WordPress security update 4.4.1 was announced yesterday. The latest version fixes a cross-site scripting vulnerability that allows a site to be compromised as well as some minor issues.
All WordPress sites at SiteGround with enabled autoupdate service have been updated to the new version 4.4.1 last night and are safe and sound. For all WordPress sites that do not have the autoupdate option on, we have applied a rule in our WAF (web application firewall) that will block possible hacking attempts. As our firewall rule is not covering all possible hack scenarios, we are additionally patching WordPress sites on versions 3.7 to 4.4 at a website level.
Regardless of the security shields we have placed, we still recommend all websites that have not been autoupdated to upgrade to the newest version 4.4.1 or to the latest version within their current branch as soon as possible.