WordPress Releases Security Update

Scheduled short-cycle security update fixes 4 vulnerabilities.

Threat ID:: CC-4006
Threat Severity:: Information only
Published:: 10 January 2022 1:53 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled short-cycle security update fixes 4 vulnerabilities.

Affected platforms

The following platforms are known to be affected:

Versions: all prior to 5.8.3

WordPress Core

Threat details

Introduction

WordPress has released a short-cycle security release to fix four security vulnerabilities concerning SQL injection, object injection, and stored cross site scripting (XSS). An attacker could exploit these vulnerabilities to take control of an affected website.

Remediation advice

Affected organisations are encouraged to review the WordPress Security Release and update to 5.8.3.

Definitive source of threat updates

https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/

Last edited: 10 January 2022 1:53 pm