WordPress has rolled out security and maintenance update WordPress 5.8.1 to fix three security vulnerabilities that were affecting WordPress versions 5.4 to 5.8.
The release mainly fixes the security vulnerabilities in the REST API, an XSS vulnerability in the Gutenberg block editor, and several necessary vulnerabilities in the Lodash JavaScript Library.
Table of Contents
WordPress 5.8.1 Release Candidate Brings Multiple Security Fixes
In total, WordPress 5.8.1 release candidate brings in 41 bug fixes on the Core along with 20 bug fixes for the block editor.
The WordPress staff, Evan Mullins thanked people for reporting the bugs and security vulnerabilities during the WordPress 5.8 beta testing period as the reports help the security team to fix the security vulnerabilities.
Brief Explanation of Security Issues
The REST API or an application programming interface utilizes HTTP requests to access and use data. In WordPress, REST API allows themes and plugins to communicate with WordPress core.
XSS or Cross-Site-Scripting is one type of injection attack wherein the attackers inject the malicious scripts to jeopardize the website interactions.
Lodash JavaScript library contains a collection of scripts utilized by the developers. The Lodash has been found to have various vulnerabilities.
Currently, the safest version of Lodash is 4.17.21.
Citations
- WordPress 5.8.1 Security and Maintenance Release
- CVE Lodash Vulnerability Description CVE-2021-23337
- Featured Image: flaticon.com
For more Technology News, subscribe to our newsletter and get the latest updates from the various tech industries.
Looking for Best WordPress Hosting? Here’s an article that you can read on the top 10 best WordPress hosting providers.