WordPress Core vulnerability October

November 3, 2017
WP Security: WordPress Core vulnerabilities October

For your , be informed about the latest WordPress Core vulnerability, fixed in release WordPress 4.8.3 from October 31, 2017. This bug creates unexpected and unsafe conditions ripe for a SQL injection attack, exposing sites created on the content system to account takeovers. If this sounds familiar, the v.4.8.2 was supposed to fix this issue but didn’t. WordPress versions 4.8.2 and earlier are affected by this issue:

  1.  WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but the nelwy added hardening can prevent plugins and themes from accidentally causing a vulnerability. Reported by Anthony Ferrara. Affected: WordPress 2.3-4.8.2
    • immediately to WordPress version 4.8.3 to fix the reported vulnerability

Protect your WordPress!

BEFORE IT'S TOO LATE! You will also your customers, your reputation and your online business.

No comments

Leave a Reply

Your email address will not be published.

WordPress Core vulnerability October

by Csaba Miklós time to read: 2 min