WordPress 4.8.3 security release

WordPress 4.8.3 security release

Posted on 1 Nov, 2017 by Ajani Ashish | No comment

WordPress 4.8.3 security release is available now. Because of security release I strongly recommend to upgrade WordPress version of your website immediately.

In earlier versions of WordPress upto 4.8.2, $wpdb->prepare() was vulnerable and it’s fixed with WordPress 4.8.3 security release. Issue with $wpdb->prepare() was that it can create unsafe and unexpected queries leading to potential SQLi (SQL injection). Core files of WordPress is not directly vulnerable to the issue but plugins and themes are vulnerable and can accidently cause vulnerability.

esc_sql() and WordPress 4.8.3 security release

WordPress 4.8.3 security release includes a change in behaviour for the esc_sql() function. Most of the developers will not be affected by this change, you can still find more details here

This issue is reported by Anthony Ferrara and you can read more details here on WPDB SQL Injection with earlier version.

If you haven’t updated yet stop right now and update.

Click here to see complete details on how to upgrade WordPress version whenever there is new version released.

If you face any trouble in upgrading WordPress version, than I can help in the upgrade WordPress process. You can share it via comments or submitting a contact request

 

Related Post

Make a website with useful WordPress plugins, but what really plugin is? Simply we can say that a plugin is a feature on WordPress that allows bloggers/website owners to customize and optimize websites. WordPress...

Read More

How to remove query string from static resource in wordpress

Posted on 25 Jul, 2015 by Ajani Ashish

Before getting a look on how to remove query string from static resources, lets see what is query string. What is query string? It is a part of a URL(Uniform Resource Locator) containing some data that does not fit...

Read More
No Comments (0)

Speak Your Mind

Your email address will not be published. Required fields are marked *