Warning: sprintf(): Too few arguments in /home/glase/orgwordpress.org/www/wp-content/themes/newz/assets/lib/breadcrumbs/breadcrumbs.php on line 252

WordPress:✔️Update ensures more security

Posted by Michelle Filingeri 10.09.2021 Category(ies): Security, News

Copyright © Shutterstock/0leJohny

The WordPress update 5.8.1 fixes three security vulnerabilities in the REST API, the Gutenberg editor, and the Lodash JavaScript library. WordPress should be updated for the new version, especially versions 5.4 to 5.8.

New security and maintenance release

It’s not uncommon for a bugfix update to be released after a major version update. This so-called maintenance release serves to fix unforeseen issues and introduce improvements that didn’t make it into the main release in time. This update also includes a security update.

WordPress fixes three security vulnerabilities

REST API vulnerability

The WordPress REST API is an interface that allows plugins and themes to interact with the WordPress core. This has several vulnerabilities: most recently, there is the vulnerability in the Gutenberg Template Library & Redux Framework affected over a million websites was.

This vulnerability is known as data exposure vulnerability described in which sensitive data such as passwords could be disclosed.

WordPress Gutenberg XSS vulnerability

Cross-Site Scripting (XSS) vulnerabilities are relatively common. Usually whenever there is user input like a contact or email form.

The Open Web Application Security Project (OWASP) describes the potential damage from XSS vulnerabilities as follows:

“An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way of knowing that the script should not be trusted, and will execute the script.

Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page.”

Vulnerabilities in the WordPress Lodash JavaScript library

These vulnerabilities are possibly the most problematic. the Lodash JavaScript library is a set of scripts used by developers that has several security vulnerabilities. The latest and most secure version is Lodash 4.17.21.

Urgent update needed

Due to the security flaws, users should urgently Update WordPress.

“Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 5.4 have also been updated.”

Source: Search Engine Journal

About the author

Michelle Filegeri

Our OSG team is constantly creating new blog and news articles on the subject of online marketing. Every now and then we dare to look outside the box, after all, the successful marketing of our customers does not only include SEO, SEA, affiliates and Co. So the holistic view is worthwhile.

internetagentur-heidelberg.info Previous post Important Security Update – WordPress 5.8.1.—
Next post WordPress 5.8.3 – Download – COMPUTER IMAGE