Patch/Configuration Management

WordPress releases security fixes for four vulnerabilities

“Wordpress” by Huasonic is licensed under CC BY-NC 2.0

WordPress recently released security features to fix four vulnerabilities with the popular website publishing platform. 

The short-cycle security release 5.8.3 updates WordPress versions between 3.7 and 5.8, and the company recommended that users should update their sites immediately. Three of the four vulnerabilities are rated as high importance.

The updates fix:

  • an issue with stored XSS through post slugs;
  • an issue with Object injection in some multi-site installations;
  • a SQL injection vulnerability in WP_Query;
  • and a SQL injection vulnerability in WP_Meta_query, which is only relevant to versions 4.1 through 5.8.

WordPress noted in the blog post that the next major release will be version 5.9, which is already in the release candidate stage.

Stephen Weigand

Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.