Skip to main content

WordPress Multiple Vulnerabilities

Last Update Date: 11 Jan 2022 Release Date: 10 Jan 2022 4219 Views

RISK: Medium Risk

TYPE: Servers - Internet App Servers

TYPE: Internet App Servers

Multiple vulnerabilities were identified in Wordpress. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, security restriction bypass and cross-site scripting on the targeted system.

 

[Updated on 2022-01-11] CVEs are updated in "Vulnerability Identifier" Section.


Impact

  • Remote Code Execution
  • Cross-Site Scripting
  • Security Restriction Bypass

System / Technologies affected

  • WordPress versions prior to 5.8.3

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

  • Apply fix issued by the vendor:
    WordPress version 5.8.3

To get this version, update from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.


Vulnerability Identifier


Source


Related Link