WordPress 5.8.3 Security Update Fixes Four Flaws

WordPress has released version 5.8.3 security update that fixes four vulnerabilities: CVE-2022-21661, CVE-2022-21662, CVE-2022-21663, and CVE-2022-21664.

CVE-2022-21661 is a SQL injection via WP _ Query. The vulnerability is a high severity flaw with an 8.0 severity rating. It is exploited via plugins and themes that use WP-Query.

CVE-2022-21662, an XSS high severity flaw has a severity of 8.0. The flaw allows authors with lower privilege users to add a malicious backdoor or take over a page by abusing post slugs.

CVE-2022-21663 has an average severity with a CVSS score of 6.6. This is an object injection problem that is exploited after a threat actor compromised the administrator account.

CVE-2022-21664 is a high severity flaw with a 7.4 CVSS score. It is an SQL injection error that is exploited via the WP_Meta_Query core class.

For CVE-2022-21611, CVE-2022-21612, CVE-2022-21613, fixes cover WordPress versions down to 3.7.37. For CVE-2022-21614, fixes cover WordPress versions down to 4.1.34.

For more information, read the original story in BleepingComputer.

WordPress 5.8.3 Security Update Fixes Four Flaws

Top Stories

Iran threatens AI data centres amid escalating infrastructure conflict

Oracle begins mass layoffs to fund $156 billion AI infrastructure push

OpenAI brings in Smartly to shape how ads work inside ChatGPT

Quantum breakthrough researchers cut required qubits from millions to thousands

Anthropic coding tool exposes full source code again after packaging error

Cisco breach exposes 300+ repos after supply chain attack

Related Articles

Anthropic coding tool exposes full source code again after packaging error

Cisco breach exposes 300+ repos after supply chain attack

New Google update targets sensitive data exposure in search results

GitHub Copilot to train on user data by default

TND News Desk

TND News Desk

Jim Love

Follow Us

Popular categories

Tech News Delivered