It will affect only a few users, but those to whom it does apply should take action.
Customers with a managed package at WP Provider do not need to take any actions this is already taken out of their hands.
As of Dec. 1, 2022, the WordPress security team no longer provides security updates for versions 3.7 through 4.0 of WordPress.
These WordPress versions were first released eight or more years ago, so the vast majority of WordPress installations use a newer version of WordPress. However, if you are facing it, it is high time to take action.
However, caution is needed here. It is not advisable to update WordPress from version 4.0 to the current WordPress 6.0.2. This can especially lead to problems with installed plugins and themes that are not compatible with such a high WordPress version. So you have to proceed step by step. So first update WordPress to, say, 4.9 and then “update” all plugins. The move to WordPress 5.0 should also be taken with caution, as this is where the Gutenberg editor was first introduced.
There are two ways to update WordPress step by step. Either manually, that is, you download the relevant WordPress version from the Archive unpack the package and overwrite the existing WordPress files on the server. However, you must ensure that the files
wp-config.php and the
wp-content folder are not copied and overwritten.
Or, and this is the other possibility, using an appropriate plugin. With the WP Downgrade specific core version plugin, you can not only downgrade your WordPress version, but also install specific WordPress versions. The plugin itself works as of WordPress version 3.0.1.
Note: You should always keep an eye on the PHP version on your server and update it if necessary, and don’t forget to make backups!