WordPress’ developers have introduced a new update that claims to fix the website. This new update was pushed out as an automatic one to all the users of the software as it fixed multiple security issues that were vulnerable. The WordPress version 5.8.3 is said to patch four vulnerabilities.
WordPress offers its users a web store with multiple plugins and some of them come with malicious vulnerabilities. This platform is frequently targeted by impersonators and other cybercriminals. as it might be the most popular website builder.
The developers have also advised Webmasters and other administrators to verify the version that their site is running. The verification is necessary to ensure that you can’t be targeted. TechRadar reports that some of the issues were so serious that if they were exploited, attackers could have taken control over the whole site along with other minor issues that needed admin access to be misused.
Earlier reports suggested that a specific WordPress plugin named the “All in One” SEO was not patched at that point in time. This caused more than 800,000 WordPress websites to remain vulnerable to the takeover vulnerability.
There were other reports about another vulnerability in some of the Starter Templates that included — Elementor, Gutenberg and Beaver Builder Templates plugin. This kept more than millions of sites at risk as this vulnerability allowed contributor-level users to embed malicious JavaScript and completely overwrite any page on the site.
In another case, there was a plugin that also had a serious flaw. It was the “Preview E-mails for WooCommerce ” plugin that could have allowed attackers to take over the site if not patched. The report adds that the plugin was used by more than 20,000 sites.
.