WordPress 5.8.1 security version resolves all vulnerabilities

James Walker September 10, 2021 at 13:23 UTC

Update: September 10, 2021 at 5:00 p.m. UTC

XSS Block Editor and REST API data exposure issues among bugs now fixed

WordPress has rolled out an update to its core codebase that includes mitigations against several annoying security vulnerabilities

In addition to fixing 61 bugs, WordPress 5.8.1, released yesterday (September 9), fixes a data exposure vulnerability within the REST API, an interface that allows plugins and themes to interact with the kernel. WordPress.

It also fixes a cross-site scripting (XSS) vulnerability in the Gutenberg block editor. This was discovered by Polish hacker Michał Bentkowski, who noted he reported the bug “a long time ago” and would post an article soon.

RELATED WordPress Security: Ninja Forms Information Leak Resolved

Upstream security fixes for several vulnerabilities in the Lodash JavaScript library have also been incorporated into the WordPress version. These are categorized from critical severity to high severity.

The update also includes 41 bug fixes for the WordPress core, as well as 20 bug fixes for the block editor.

Basic update

The open source web giant recommends that web administrators update their sites to version 5.8.1 as soon as possible.

Version 5.8, the last major version of WordPress, was released in July, extending the Site Health admin interface to make it easier for developers to include their own tabs and make it easier for website admins to navigate. in the Site Health portal.

Learn about the latest WordPress security news and analysis

It also added several new block editor features, support for the WebP image format, an “Update URI” header for plugin developers, and changes to the REST API.

The next major release will be version 5.9, currently in alpha, with beta 1 slated for November 16 and a general release slated for December 14.

“The main objective for 2021 is to obtain the complete edition of the site for all WordPress users” says Executive Director Josepha Haden Chomphosy.

READ MORE Interview: Oliver Sild of Patchstack on securing WordPress, one plugin vulnerability at a time

Comments are closed.