Connect with us

Hi, what are you looking for?

Hard News Hard Hitting News Source Global Political News

Cyber Security

WordPress 5.8.1 security release addresses trio of vulnerabilities

WordPress has rolled out an update to its core codebase that includes mitigations against three security flaws

As well as fixing 61 bugs, WordPress 5.8.1, released yesterday (September 9), addresses a data exposure vulnerability within the REST API, an interface that allows plugins and themes to interact with WordPress core.

It also fixes a cross-site scripting (XSS) vulnerability in the Gutenberg block editor, as well as multiple vulnerabilities in the Lodash JavaScript Library that are rated critical to high severity.

The library has now been updated to version 4.17.21 in each branch to incorporate upstream security fixes.

The update also includes 41 bug fixes on WordPress core, as well as 20 bug fixes for the block editor.

Core update

WordPress versions between 5.4 and 5.8 are affected, and the open source web giant recommends updating immediately, if they have not already done so.

Version 5.8 was released in July, extending the Site Health admin interface to make it easier for developers to include their own tabs and allow website administrators to navigate their way around the Site Health portal more easily.

It also added several new block editor features, support for the WebP image format, an ‘Update URI’ header for plugin developers, and changes to the REST API.

The next major release will be version 5.9, currently in alpha, with beta 1 set for November 16 and general release planned for December 14.

“The main goal for 2021 is getting full site editing to all WordPress users,” says executive director Josepha Haden Chomphosy.

Source: https://portswigger.net/daily-swig/wordpress-5-8-1-security-release-addresses-trio-of-vulnerabilities

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on their networks against two...

Cyber Security

Businesses and developers are focusing more on the security of applications in their digital environment as cyber threats and data breaches continue escalating. The...

Cyber Security

HCL BigFix is an endpoint management platform that has the capability to automate discovery, management, and remediation. It can find and fix vulnerabilities on...

Cyber Security

The Environmental Protection Agency cited a lack of resources and the sheer volume of critical vulnerabilities as the reasons for its inability to patch...

Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO