WordPress imabweretsa chigamba chadzidzidzi pazovuta zinayi zazikulu. WordPress 5.8.3 imapezeka nthawi yomweyo.
WP_Meta_Query ndi WP_Query, magulu awiri ofunikira komanso omwe amagwiritsidwa ntchito kwambiri pamakina owongolera zinthu, adapezeka kuti ali pachiwopsezo cha jekeseni wa SQL. Kuukira kwa XSS kudatheka ndi post slugs (dzina lapadera lamasamba mu ma URL). Ma multisites ena a WordPress analinso okonda jekeseni wa chinthu cha PHP. Chotsatiracho chimapangitsa kuti pakhale chiopsezo cha remote code execution (RCE).
WordPress 5.8.3 imakonza zofooka izi. Patching ndiye upangiri wachangu. Malinga ndi US National Vulnerability Database, zofooka ndizofunika kwambiri.
Langizo: Log4Shell - zovuta zomwe sizinachitikepo, maphunziro ovuta kwa opanga mapulogalamu
Chifukwa
Kumapeto kwa 2021, opanga WordPress adakumana ndi ntchito yayikulu. Gululi likuyembekeza kumasula kutulutsidwa kwakukulu kotsatira kwa nsanja (5.9) mu Disembala 2021. Ndondomekoyi idakhala yosatheka. 5.9 idayimitsidwa mpaka Januware 25, 2022.
Addison Stavlo, m'modzi mwa omwe akupanga nsanja yotseguka, adalongosola njira yachitukuko ya 5.9 ngati "mbendera yofiira" ndi "kuthamangira koopsa". Search Engine Journal, sing'anga yapaintaneti, imalingalira kuti zofooka zikadapewedwa ndi malo ochulukirapo komanso chidwi chachitetezo. Izi zili ndi phindu lalikulu, koma kukakamiza kuntchito ndi kwakanthawi. Zowopsa zakhala zikuchitika kuyambira 2013.