WordPress 5.8.3 Security Update Fixes SQL Injection, XSS Bugs

The WordPress development team has released version 5.8.3, a security release that addresses four vulnerabilities (three of which are rated as high severity).

https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/

It includes fixes for an SQL injection in WP_Query, a blind SQL injection via WP_Meta_Query, an XSS attack via post slugs, and an object injection issue reachable by administrators.

Each issue has its own prerequisites for exploitation, and most WordPress sites running with the default automatic core update settings are not at risk.

However, sites running WordPress 5.8.2 or earlier on a read-only file system, or with core automatic updates disabled in wp-config.php, may be vulnerable to attacks based on the flaws described here.

The following are the four bugs addressed in this security update.

  • CVE-2022-21661: High severity (CVSS score 8.0): SQL injection via WP_Query. This flaw can be exploited through plugins and themes that use WP_Query; the fix has been backported to versions as old as 3.7.37.
  • CVE-2022-21662: High severity (CVSS score 8.0): XSS vulnerability that allows authors (low-privileged users) to abuse a post slug to plant a malicious backdoor or take over the site; the fix has been backported to versions as old as 3.7.37.
  • CVE-2022-21664: High severity (CVSS score 7.4): SQL injection via the WP_Meta_Query class; the fix has been backported to versions as old as 4.1.34.
  • CVE-2022-21663: Medium severity (CVSS score 6.6): Object injection issue, exploitable only if threat actors have already compromised an administrator account; the fix has been backported to versions as old as 3.7.37.

In addition, these flaws are unlikely to have a serious impact on most WordPress sites.


However, all WordPress site owners are advised to upgrade to version 5.8.3, review their firewall settings, and make sure that core automatic updates are enabled.

This setting is controlled by a define() in wp-config.php, which should read:

    define('WP_AUTO_UPDATE_CORE', true );
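To turn the two conditions above (running 5.8.2 or earlier, and not able to pick up the release automatically) into something an administrator can run across a fleet, here is an added Python check; it is not part of the article or of WordPress itself. It reads `$wp_version` from wp-includes/version.php and the `WP_AUTO_UPDATE_CORE` define from wp-config.php, treating an absent define as the WordPress default (minor and security releases applied automatically). The sample file contents are constructed for the example; the `assess_install` helper name and the 5.8.3 threshold are this example's own choices.

```python
import re
from pathlib import Path

# Constructed sample inputs standing in for a real install (not taken from the article).
SAMPLE_VERSION_PHP = "<?php\n$wp_version = '5.8.2';\n$wp_db_version = 49752;\n"
SAMPLE_WP_CONFIG = (
    "<?php\n"
    "define( 'DB_NAME', 'wordpress' );\n"
    "// define( 'WP_AUTO_UPDATE_CORE', true );   // commented out, must be ignored\n"
    "define( 'WP_AUTO_UPDATE_CORE', false );\n"
)

# The release the article recommends. Older branches received backported fixes
# (see the release notes linked above); this check simply flags anything older.
PATCHED_VERSION = (5, 8, 3)

VERSION_RE = re.compile(r"\$wp_version\s*=\s*['\"]([0-9][0-9.]*)['\"]")
AUTO_UPDATE_RE = re.compile(
    r"define\s*\(\s*['\"]WP_AUTO_UPDATE_CORE['\"]\s*,\s*([^)]+?)\s*\)", re.I
)


def strip_line_comments(php: str) -> str:
    """Drop lines that are wholly // or # comments so a commented-out define is not read."""
    return "\n".join(
        ln for ln in php.splitlines() if not ln.lstrip().startswith(("//", "#"))
    )


def parse_version(version_php: str) -> tuple:
    """Extract $wp_version from wp-includes/version.php as a comparable tuple."""
    m = VERSION_RE.search(version_php)
    if not m:
        raise ValueError("no $wp_version found")
    return tuple(int(p) for p in m.group(1).split("."))


def auto_update_setting(wp_config: str) -> str:
    """Classify WP_AUTO_UPDATE_CORE the way WordPress treats it:
    'default' (constant absent: minor/security releases are applied automatically),
    'all' (true), 'minor' ('minor'), 'disabled' (false); anything else, such as
    'beta' or 'development', is returned as 'other' for manual review."""
    m = AUTO_UPDATE_RE.search(strip_line_comments(wp_config))
    if not m:
        return "default"
    raw = m.group(1).strip().strip("'\"").lower()
    return {"true": "all", "minor": "minor", "false": "disabled"}.get(raw, "other")


def assess(version_php: str, wp_config: str) -> dict:
    """Combine both checks: a site needs manual action when it is below the patched
    release and is not configured to pick that release up on its own."""
    version = parse_version(version_php)
    setting = auto_update_setting(wp_config)
    outdated = version < PATCHED_VERSION
    can_self_update = setting in ("default", "all", "minor")
    return {
        "version": ".".join(map(str, version)),
        "auto_update": setting,
        "outdated": outdated,
        "needs_action": outdated and not can_self_update,
    }


def assess_install(root: str) -> dict:
    """Run the assessment against an on-disk WordPress root directory (hypothetical helper)."""
    base = Path(root)
    return assess(
        (base / "wp-includes" / "version.php").read_text(encoding="utf-8"),
        (base / "wp-config.php").read_text(encoding="utf-8"),
    )


if __name__ == "__main__":
    print(assess(SAMPLE_VERSION_PHP, SAMPLE_WP_CONFIG))
```

The script cannot see whether the file system is read-only, which the article names as the other way a site misses the update; on a real host, pair it with a write test against the WordPress root. A result of `outdated` with `needs_action` false means the site should receive 5.8.3 on its own, but confirming the version after the next update window is still worthwhile.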

The core auto-updater was introduced in WordPress 3.7 in 2013, and according to official statistics only 0.7% of all WordPress sites are currently running a version older than that.
