WordPress Delivers Second Patch For SQL Injection Bug

November 2, 2017

A bug exploitable in WordPress 4.8.2 and earlier creates unexpected and unsafe conditions ripe for a SQL injection attack, exposing sites created on the content management system to takeover.

WordPress released WordPress 4.8.3 Tuesday, which mitigates the vulnerability.

“This is a security release for all previous versions and we strongly encourage you to update your sites immediately,” according to WordPress. The vulnerability is not tied to the WordPress Core, rather plugins and themes that could be used to trigger a SQL injection attack, WordPress said.

Read More on Threat Post