WordPress 5.8.3 Security Update Fixes Four Flaws

WordPress has released version 5.8.3 security update that fixes four vulnerabilities: CVE-2022-21661, CVE-2022-21662, CVE-2022-21663, and CVE-2022-21664.

CVE-2022-21661 is a SQL injection via WP _ Query. The vulnerability is a high severity flaw with an 8.0 severity rating. It is exploited via plugins and themes that use WP-Query.

CVE-2022-21662, an XSS high severity flaw has a severity of 8.0. The flaw allows authors with lower privilege users to add a malicious backdoor or take over a page by abusing post slugs.

CVE-2022-21663 has an average severity with a CVSS score of 6.6. This is an object injection problem that is exploited after a threat actor compromised the administrator account.

CVE-2022-21664 is a high severity flaw with a 7.4 CVSS score. It is an SQL injection error that is exploited via the WP_Meta_Query core class.

For CVE-2022-21611, CVE-2022-21612, CVE-2022-21613, fixes cover WordPress versions down to 3.7.37. For CVE-2022-21614, fixes cover WordPress versions down to 4.1.34.

For more information, read the original story in BleepingComputer.

WordPress 5.8.3 Security Update Fixes Four Flaws

Top Stories

How can project sponsors help projects succeed?

AI pioneer Yann LeCun calls Elon Musk’s xAI a ‘failure’

Microsoft sued by shareholders over Azure growth and AI spending

SpaceX shares fall 20% from peak following $60 billion cursor acquisition

Snap unveils first consumer AR glasses priced at more than $2,000

Key U.S. data center law faces expiration with no replacement in sight

Related Articles

Hackers used Meta’s AI support bot to hijack 20,000 Instagram accounts

New ‘HTTP/2 Bomb’ attack can crash major web servers from a single computer

CISA exposed internal passwords and cloud keys in public repository

Canvas restores service after cyberattack disrupted schools and universities

TND News Desk

TND News Desk

Jim Love