More threads by djbaxter

djbaxter

Administrator
Joined
Jun 28, 2012
Messages
3,778
Solutions
2
Reaction score
1,877
Many WordPress sites today have set the installation to auto-update when new versions of WordPress or your WordPress plugins are released. If you are one of them, your site should have received the update automatically by now. You can double check that you are running the 5.8.3 version. If not, do a manual update ASAP.

WordPress 5.8.3 Security Release

by Ram Gall, Wordfence.com
Jan 8, 2022

On January 6, 2022, the WordPress core team released WordPress version 5.8.3, which contains security patches for 4 high-severity vulnerabilities. These patches were backported to every version of WordPress since 3.7.

WordPress has supported automatic core updates for security releases since WordPress 3.7, and the vast majority of WordPress sites will have received these patches automatically and are no longer vulnerable.

Let me repeat that. Most WordPress sites are not in danger from these vulnerabilities, thanks to the WordPress core team deploying patches to all sites that allow automatic core updates for security patches, which is the default behavior.

Sites on read-only filesystems as well as sites that have explicitly disabled automatic core updates via setting define( 'WP_AUTO_UPDATE_CORE', false ); in wp-config.php may not yet have updated, and we urge owners of these sites to do so as soon as possible.

Vulnerability Analysis​

As with every WordPress core release containing security fixes, the Wordfence Threat Intelligence team analyzed the code changes in detail to evaluate the impact of these vulnerabilities on our customers, and to ensure our customers remain secure. Wordfence protects against all vulnerabilities addressed in this release of WordPress core, and as an additional precaution we have released a new firewall rule to protect against the cross site scripting vulnerability that was fixed in this release. This rule has been deployed to Wordfence Premium users.

Even if you are running Wordfence Premium, we encourage you to update WordPress core on all your sites at your earliest convenience, if you have not already been automatically updated.

Read more...

 

Login / Register

Already a member?   LOG IN
Not a member yet?   REGISTER

LocalU Event

  Promoted Posts

New advertising option: A review of your product or service posted by a Sterling Sky employee. This will also be shared on the Sterling Sky & LSF Twitter accounts, our Facebook group, LinkedIn, and both newsletters. More...
Top Bottom