WordPress Releases Security Update 4.8.3

WordPress is an very popular open source software used by bloggers and millions of websites. A new security update, WordPress 4.8.3 is released, which addresses a potential SQL injection vulnerability. This update was released on October 31st and is available for public download.

Vulnerabilities Addressed

WordPress 4.8.2 and all previous versions are affected by a security flaw where $wpdb→prepare() can create uncan create unexpected and unsafe queries leading to potential SQL injection. Although the core is not directly vulnerable, additional hardening has been implemented to prevent plugins and themes from accidentally causing a vulnerability.
This release also included a change in behaviour for the esc_sql() function.

TechCERT encourages all  to review this release and upgrade to the newer version to avoid any potential risks and vulnerabilities.

Recommended Action

TechCERT encourages all WordPress users to review this release and upgrade to the newer version to avoid any potential risks and vulnerabilities.

Additional Information and Sources

logofooter2

Member of

logo apcertfirst logo-2

Collaborated with

apwg2ICTA logo2ack cymru

Our Partners
lanka-certify-logoDark-Lab-Logo2contact