Security Vulnerabilities

WordPress (Pre 4.8.3) SQL Injection Vulnerability

CVE-2017-16510 Detail

WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a “double prepare” approach, a different vulnerability than CVE-2017-14723.

Resolution :

Updates are available. Please see the references or vendor advisory for more information.

To download WordPress 4.8.3, update automatically from the Dashboard > Updates menu in your site’s admin area or visit

Image result for wordpress


Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.