WordPress Core vulnerability October
For your WordPress protection, be informed about the latest WordPress Core vulnerability, fixed in security release WordPress 4.8.3 from October 31, 2017. This bug creates unexpected and unsafe conditions ripe for a SQL injection attack, exposing sites created on the content management system to account takeovers. If this sounds familiar, the v.4.8.2 was supposed to fix this issue but didn’t. WordPress versions 4.8.2 and earlier are affected by this security issue:
- WordPress versions 4.8.2 and earlier are affected by an issue where
$wpdb->prepare()can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but the nelwy added hardening can prevent plugins and themes from accidentally causing a vulnerability. Reported by Anthony Ferrara. Affected: WordPress 2.3-4.8.2
- immediately update to WordPress version 4.8.3 to fix the reported vulnerability
Protect your WordPress!
BEFORE IT'S TOO LATE! You will also protect your customers, your reputation and your online business.