Security Vulnerabilities

WordPress (Pre 4.8.3) SQL Injection Vulnerability

CVE-2017-16510 Detail

WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a “double prepare” approach, a different vulnerability than CVE-2017-14723.

Resolution :

Updates are available. Please see the references or vendor advisory for more information.

To download WordPress 4.8.3, update automatically from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.

Image result for wordpress



Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.