Security update: Attackers could nest on WordPress websites

Admins of WordPress websites should update the CMS for security reasons. Otherwise, attackers could attack sites.

As can be seen from a warning message, attackers do not yet seem to have targeted the vulnerabilities. The information about the vulnerabilities is extremely sparse. There are no CVE numbers or a threat level classification in the post.

Attackers could probably perpetuate themselves persistently with an XSS attack on a WordPress website. As a rule, malicious code is stored on a server and delivered when the site is visited. In two other cases, it sounds like attackers could run their own SQL commands.

The developers state that the versions between 3.7 and 5.8 are threatened. They assure that they will fill the gaps in the Issue 5.8.3 have closed. Admins can trigger updates in the dashboard.


To home page