12
Jan 2022
Vulnerability Alert - WordPress
TYPE
Vulnerabilities
SYSTEMS AFFECTED
WordPress versions between 3.7 and 5.8
ECOSYSTEM
Wordpress
Descrição
WordPress released a security update where it is addressed four vulnerabilities - two SQL Injection, one Object Injection and one XSS.
Please see [1] and [2] for details on the vulnerabilities.
Impacto
There are various possible attacks that can be performed if these vulnerabilities are exploited, such as remote code execution.
Resolução
It is recommended to update to WordPress version 5.8.3.
Referências
[1] https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/
[2] https://www.wordfence.com/blog/2022/01/wordpress-5-8-3-security-release/