WordPress Releases Security Update 4.8.3

PUBLISHED:
7 November 2017

WordPress Releases Security Update 4.8.3

WordPress is an very popular open source software used by bloggers and millions of websites. A new security update, WordPress 4.8.3 is released, which addresses a potential SQL injection vulnerability. This update was released on October 31st and is available for public download.

Vulnerabilities Addressed

WordPress 4.8.2 and all previous versions are affected by a security flaw where $wpdb→prepare() can create uncan create unexpected and unsafe queries leading to potential SQL injection. Although the core is not directly vulnerable, additional hardening has been implemented to prevent plugins and themes from accidentally causing a vulnerability.
This release also included a change in behaviour for the esc_sql() function.

TechCERT encourages all  to review this release and upgrade to the newer version to avoid any potential risks and vulnerabilities.

Recommended Action

TechCERT encourages all WordPress users to review this release and upgrade to the newer version to avoid any potential risks and vulnerabilities.

Additional Information and Sources

Critical Linux Kernel Vulnerability Allows Unprivileged Local Users to Gain Root Privileges (CVE-2026-31431)

READ MORE READ MORE

Critical Microsoft SharePoint Flaw Exploitations in the Wild

READ MORE READ MORE
15 January 2025 [NO.TCSA : 20250115-1-1-E]

Auth Bypass Vulnerability Exploited in Wild to Hijack Fortinet Firewalls

READ MORE READ MORE
Read More BACK TO THREAT BULLETIN