Bleeping Computer

WordPress 5.8.3 security update fixes SQL injection, XSS flaws

The WordPress development team released version 5.8.3, a short-cycle security release that addresses four vulnerabilities, three of which are rated of high importance. The set includes an SQL ...
Threat Post

WordPress Delivers Second Patch For SQL Injection Bug

A bug exploitable in WordPress 4.8.2 and earlier creates unexpected and unsafe conditions ripe for a SQL-injection attack. A bug exploitable in WordPress 4.8.2 and earlier creates unexpected and ...
Threat Post

SQL Injection Bug Fixed in Popular WordPress SEO Plug-In

Popular search engine optimization plugin, SEO by Yoast fixed a blind SQL injection vulnerability yesterday that could be exploited to take control of affected sites. SEO by Yoast, a popular search ...
Bleeping Computer

Severe SQL Injection Flaw Discovered in WordPress Plugin with Over 1 Million Installs

A WordPress plugin installed on over one million sites has just fixed a severe SQL injection vulnerability that can allow attackers to steal data from a website's database. The vulnerable plugin's ...
ZDNet

WordPress patches dangerous XSS, SQL injection bugs

WordPress has patched three security flaws including a cross-site scripting (XSS) vulnerability and SQL injection problem which could lead to the creation of new vulnerabilities. Last week, the ...
Dark Reading

Critical Security Flaw Exposes 1 Million WordPress Sites to SQL Injection

Attackers can exploit a critical SQL injection vulnerability found in a widely used WordPress plug-in to compromise more than 1 million sites and extract sensitive data such as password hashes from ...
Dark Reading

WordPress Vulnerable to SQL Injection

Duplicate Page is an open source pluginfor WordPress that does just what you think it will do. It duplicates pages. There are over 800,000 installations of the plugin. It will duplicate pages, posts ...