WordPress 5.8.3 is a security update that addresses some recently discovered vulnerabilities as shown below.
- Props to Karim El Ouerghemmi and Simon Scannell of SonarSource for disclosing an issue with stored XSS through post slugs.
- Props to Simon Scannell of SonarSource for reporting an issue with Object injection in some multisite installations.
- Props to ngocnb and khuyenn from GiaoHangTietKiem JSC for working with Trend Micro Zero Day Initiative on reporting a SQL injection vulnerability in WP_Query.
- Props to Ben Bidner from the WordPress security team for reporting a SQL injection vulnerability in WP_Meta_Query (only relevant to versions 4.1-5.8).
All of my hosted clients have already been upgraded, and many other managed WordPress hosts have also already pushed out the security update to their clients.