• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Awantego

  • Websites
  • Unique Content
  • SEO
  • Blog
  • Contact

20. September 2017 by admin

WordPress Security Update 4.8.2. Released

By the end of 19. September 2017 WordPress.org just released a maintenance and security update. With the latest update WordPress now shows version 4.8.2. as its latest release.

The update includes a fix to $wpdb->prepare() to help protect against SQLi injection attacks. WordPress core is not vulnerable to SQLi injection attacks directly, but certain plugins and themes may be vulnerable depending on how they use the $wpdb->prepare() function in their code. This fix alone is reason to update immediately to 4.8.2. Read more about it: WordPress Security Update 4.8.2 – Update Immediately

The following security and sql related issues were fixed with version 4.8.2.:

  1. $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Slavco.
  2. A cross-site scripting (XSS) vulnerability was discovered in the oEmbed discovery. Reported by xknown of the WordPress Security Team.
  3. A cross-site scripting (XSS) vulnerability was discovered in the visual editor. Reported by Rodolfo Assis (@brutelogic) of Sucuri Security.
  4. A path traversal vulnerability was discovered in the file unzipping code. Reported by Alex Chapman (noxrnet).
  5. A cross-site scripting (XSS) vulnerability was discovered in the plugin editor. Reported by 陈瑞琦 (Chen Ruiqi).
  6. An open redirect was discovered on the user and term edit screens. Reported by Yasin Soliman (ysx).
  7. A path traversal vulnerability was discovered in the customizer. Reported by Weston Ruter of the WordPress Security Team.
  8. A cross-site scripting (XSS) vulnerability was discovered in template names. Reported by Luka (sikic).
  9. A cross-site scripting (XSS) vulnerability was discovered in the link modal. Reported by Anas Roubi (qasuar).

You may read more on the latest software release on the wordpress website.

About WordPress: WordPress is the most popular content management system fot both bloggers and website owners worldwide.

Customers of hosted wordpress or managed wordpress installations do not have to take any action. The engineers and technicians of awantego.com’s websites have either already updated wordpress or a just about to update your wordpress website to the latest release (Version 4.8.2)

  • About the Author
  • Latest Posts
  • Latest Tutorials

About admin

  • WordPress Security Update 4.8.2. Released - 20. September 2017
View All Posts
No Posts for this author.

Related posts:

What is a WordPress PlugIn?What You Need to Know About WordPress Plugins wordpress agencyHow to Find a Good WordPress Agency Best author bio box plugins for wordpress The Fastest WordPress Themes and Why You Want One what you need to know about wp themesWhat is a WordPress Theme?

Filed Under: Wordpress

Primary Sidebar

Latest Posts

  • Online Marketing Buzzwords: User-Generated Content

    Online Marketing Buzzwords: User-Generated Content

    17. February 2022
    Fans often contribute to a company’s marketing efforts without even realizing they are doing so. User-generated content, however, is becoming more common every day. What …More »
  • Every SERP Feature You Should Know About

    Every SERP Feature You Should Know About

    17. June 2021
    SERPs, or search engine results pages, started very basic, just listing the possible websites someone would be interested in based on their search phrases. Now, …More »

Contact us:

Digital Agency Awantego.com
Phone: +49(0)711/48890-50
E-Mail: info@awantego.com

Address
Breitscheidstr. 65
70176 Stuttgart
Germany

Recent Posts

  • How to use Google’s Answer Box for boosting Website Traffic

    How to use Google’s Answer Box for boosting Website Traffic

    16. May 2021
    Even if they may not be aware of it, most of today’s browsers have already seen …More »
  • Online Marketing Buzzwords: Immersive Storytelling

    Online Marketing Buzzwords: Immersive Storytelling

    5. September 2019
    Great stories have ways of drawing people in, and that is not just true of written …More »
  • Seven Ways You Can Create Better Product Recommendations

    Seven Ways You Can Create Better Product Recommendations

    11. August 2019
    Shoppers don’t always know what they really want or need until they actually see it. Modern …More »

Services:

  • Website Creation
  • Search Engine Optimization
  • Automatic Content Creation
  • WordPress Management

More Marketing News

  • Google Local Pack: How to Get Your Website Highly Ranked

    Google Local Pack: How to Get Your Website Highly Ranked

    17. July 2019
    Google Local Pack: What’s That all About? The Google local pack is an excellent way to …
  • What is a WordPress Theme?

    What is a WordPress Theme?

    12. April 2019
    The way your website looks is crucial. Everything needs to look good together, needs to work …
  • What You Need to Know About WordPress Plugins

    What You Need to Know About WordPress Plugins

    11. March 2019
    When you want to create a website for your business, WordPress might be the best option. …
  • The Fastest WordPress Themes and Why You Want One

    The Fastest WordPress Themes and Why You Want One

    12. February 2019
    While having a website that looks great and functions well is important, the speed of the …

Footer

Links

Disclaimer

Imprint

Online Marketing News

About Awantego

We are a full service digital marketing webagency specializing in wordpress web design, content creation, search engine marketing and SEO.

We love to implement creative web design for websites, homepages, blogs and eCommerce web shops using WordPress.

What`s your next challenge for us?

How to find Awantego

Digital Agency Awantego


8 – 17 o’clock – Online 24/7
Phone: +49(0)711 4889050

E-Mail: info@Awantego.com

Address
Breitscheidstr. 65
70176 Stuttgart
Germany

  • Imprint
  • Disclaimer
  • Contact

© 2022 · Awantego.com ·