FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wordpress -- multiple issues

Affected packages
wordpress < 4.8.3,1

Details

VuXML ID cee3d12f-bf41-11e7-bced-00e04c1ea73d
Discovery 2017-10-31
Entry 2017-11-01

wordpress developers reports:

WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we've added hardening to prevent plugins and themes from accidentally causing a vulnerability.

[source]

References

URL https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.