WordPress 6.4.1 – Fix for a Critical cURL Bug


A critical bug has been discovered in the WordPress 6.4 major version, released on November 7, 2023. The bug prevents external connections on numerous WordPress sites. As a result, WordPress API connections are blocked, affecting for example updates and payment integrations when upgrading to WordPress 6.4. You can read more about the WordPress 6.4 update in our previous blog post.

A fix for this bug has been implemented in WordPress version 6.4.1, released last night. Sites in Seravo’s WordPress hosting and upkeep are not affected by this bug, as our environment uses an up-to-date version of cURL.

If the server is running an old version of cURL (7.29.0), external connections made by WordPress will be blocked after an upgrade to version 6.4. Sites affected by this bug will need to manually update WordPress to version 6.4.1, as the bug will of course also prevent WordPress’ own updates.

cURL is a command-line tool for transferring data using different network protocols.

More detailed information about the bug can be found on wptarvern.com.