Impact
Due to lack of proper sanitization in WP_Meta_Query, there's potential for blind SQL Injection.
Patches
This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 4.1.34. We strongly recommend that you keep auto-updates enabled.
References
https://wordpress.org/news/category/releases/
For more information
If you have any questions or comments about this advisory:
Impact
Due to lack of proper sanitization in
WP_Meta_Query, there's potential for blind SQL Injection.Patches
This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 4.1.34. We strongly recommend that you keep auto-updates enabled.
References
https://wordpress.org/news/category/releases/
For more information
If you have any questions or comments about this advisory: