Monday, April 28, 2025
HomeWordpressWordPress 4.8.3 released with patch for SQL injection (SQLi) which affected all...

WordPress 4.8.3 released with patch for SQL injection (SQLi) which affected all the previous version

Published on

SIEM as a Service

Follow Us on Google News

WordPress 4.8.3 released with the security patches for all previous versions. The update includes the issue with $wpdb->prepare() which leads to an SQL injection.

SQL injection is a technique which attacker takes non-validated input vulnerabilities and inject SQL commands through web applications that are executed in the backend database.To read more about SQLi.

Must Read Most Important Considerations Check to Setup Your WordPress Security

- Advertisement - Google News

$wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) and the new release includes change in behaviour for the esc_sql() function.

WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Anthony Ferrara.Wordpress reported.

Files Revised

wp-admin/about.php
wp-includes/formatting.php
wp-includes/post.php
wp-includes/wp-db.php
wp-includes/version.php
wp-content/plugins

Must Read Penetration testing with your WordPress Website-Detailed Explanation

Mitigations

WordPress 4.8.3 released with the security patches users are recommended to update their sites immediately.

How to update – Wordpress 4.8.3

WordPress 4.8.3 contains 29 maintenance fixes to the 4.8 release series. Updates are simple Dashboard >> Updates >> Update Now.

It is always a good idea to backup your WordPress before proceeding with the update, if there are any issues, you can restore your website.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

New iOS Vulnerability Could Brick iPhones with Just One Line of Code

A security researcher has uncovered a critical vulnerability in iOS, Apple's flagship mobile operating...

Cybercriminals Selling Sophisticated HiddenMiner Malware on Dark Web Forums

Cybercriminals have begun openly marketing a powerful new variant of the HiddenMiner malware on...

Three IXON VPN Client Vulnerabilities Let Attackers Escalate Privileges

Security researchers at Shelltrail have discovered three significant vulnerabilities in the IXON VPN client...

Cybersecurity Firm CEO Arrested for Planting Malware in Hospital Systems

Jeffrey Bowie, the CEO of a local cybersecurity firm, has been arrested for allegedly...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

WordPress Ad-Fraud Plugins Trigger Massive 1.4 Billion Daily Ad Requests

Cybersecurity researchers have uncovered a sprawling ad-fraud operation exploiting WordPress plugins to trigger over...

Over 100,000 WordPress Plugin Vulnerability Exploited Just 4 Hours After Disclosure

Over 100,000 WordPress websites have been exposed to a critical security vulnerability, following the...

Rogue Account‑Creation Flaw Leaves 100 K WordPress Sites Exposed

A severe vulnerability has been uncovered in the SureTriggers WordPress plugin, which could leave...