WordPress 5.8.1 security version resolves all vulnerabilities
James Walker September 10, 2021 at 13:23 UTC
Update: September 10, 2021 at 5:00 p.m. UTC
XSS Block Editor and REST API data exposure issues among bugs now fixed
WordPress has rolled out an update to its core codebase that includes mitigations against several annoying security vulnerabilities
In addition to fixing 61 bugs, WordPress 5.8.1, released yesterday (September 9), fixes a data exposure vulnerability within the REST API, an interface that allows plugins and themes to interact with the kernel. WordPress.
It also fixes a cross-site scripting (XSS) vulnerability in the Gutenberg block editor. This was discovered by Polish hacker Michał Bentkowski, who noted he reported the bug “a long time ago” and would post an article soon.
RELATED WordPress Security: Ninja Forms Information Leak Resolved
The update also includes 41 bug fixes for the WordPress core, as well as 20 bug fixes for the block editor.
The open source web giant recommends that web administrators update their sites to version 5.8.1 as soon as possible.
Version 5.8, the last major version of WordPress, was released in July, extending the Site Health admin interface to make it easier for developers to include their own tabs and make it easier for website admins to navigate. in the Site Health portal.
Learn about the latest WordPress security news and analysis
It also added several new block editor features, support for the WebP image format, an “Update URI” header for plugin developers, and changes to the REST API.
The next major release will be version 5.9, currently in alpha, with beta 1 slated for November 16 and a general release slated for December 14.
“The main objective for 2021 is to obtain the complete edition of the site for all WordPress users” says Executive Director Josepha Haden Chomphosy.
READ MORE Interview: Oliver Sild of Patchstack on securing WordPress, one plugin vulnerability at a time