WP Core Vulnerability FEB 2022:
Version 5.8.3
For your WordPress protection, be informed about the LATEST WP Core Vulnerability FEB 2022. Security issues affects WordPress versions between 5.4 and 5.8.2 If you haven’t yet updated to 5.8.3, all WordPress versions since 5.4 have also been updated to fix the following security issues:
Get Healthy, Stay Healthy: A healthier online business starts today and it begins with you!
- WordPress 5.8.3 Security Release – SQL Injection via WP_Query
- This vulnerability is not exploitable directly via WordPress core, but some plugins and themes may use WP_Query in a way that allows SQL injection.
- WordPress 5.8.3 Security Release – Stored Cross-Site Scripting (XSS) via Post Slugs
- As with most XSS vulnerabilities, this vulnerability could be used to completely take over a site, or to add a malicious backdoor. However, it can only be exploited by users with the ability to publish posts. This vulnerability allows Authors and WooCommerce Shop Owner to add scripts to a site, but both roles are relatively trusted.
- WordPress 5.8.3 Security Release – Blind SQL Injection via WP_Meta_Query
- Due to lack of proper sanitisation in WP_Meta_Query, there’s potential for blind SQL Injection.
- WordPress 5.8.3 Security Release – Super Admin Object Injection in Multisites
- This issue requires Super Administrator privileges to exploit, and only Multisite WordPress sites are vulnerable.
Protect your WordPress: BEFORE IT’S TOO LATE! You will also protect your customers, your reputation and your online business!
