WordPress 4.8.3 security release

WordPress 4.8.3 security release

Posted on 1 Nov, 2017 by Ajani Ashish | No comment

WordPress 4.8.3 security release is available now. Because of security release I strongly recommend to upgrade WordPress version of your website immediately.

In earlier versions of WordPress upto 4.8.2, $wpdb->prepare() was vulnerable and it’s fixed with WordPress 4.8.3 security release. Issue with $wpdb->prepare() was that it can create unsafe and unexpected queries leading to potential SQLi (SQL injection). Core files of WordPress is not directly vulnerable to the issue but plugins and themes are vulnerable and can accidently cause vulnerability.

esc_sql() and WordPress 4.8.3 security release

WordPress 4.8.3 security release includes a change in behaviour for the esc_sql() function. Most of the developers will not be affected by this change, you can still find more details here

This issue is reported by Anthony Ferrara and you can read more details here on WPDB SQL Injection with earlier version.

If you haven’t updated yet stop right now and update.

Click here to see complete details on how to upgrade WordPress version whenever there is new version released.

If you face any trouble in upgrading WordPress version, than I can help in the upgrade WordPress process. You can share it via comments or submitting a contact request

 

Related Post

One page responsive html template

Posted on 27 Jun, 2017 by Ajani Ashish

I just managed to get approval of my one page responsive HTML template on ThemeForest. One page responsive html template It is one page responsive portfolio template is based on 12 column responsive Bootstrap grid....

Read More

WordPress plugin development can be both intimidating and exciting. But while plugin submission you will need to take care of some guidelines without it your plugin may be rejected by WordPress. Generally WordPress...

Read More
No Comments (0)

Speak Your Mind

Your email address will not be published. Required fields are marked *