WordPress 4.8.2 Patches Eight Security Vulnerabilities

WordPress 4.8.2 is available for download and users are encouraged to update as soon as possible. This release patches eight security vulnerabilities and has six maintenance related fixes. Hardening was also added to WordPress core to prevent plugins and themes from accidentally causing a vulnerability through $wpdb->prepare() which can create unexpected and unsafe queries leading to potential SQL injection (SQLi).

To see a full list of changes, check out the release notes. Auto updates are rolling out to sites that support them but if you’d like to update manually, you can browse to Dashboard – Updates and click the Update Now button.

2 Comments


  1. I updated my sites earlier, and when I tried to edit a page, the screen went almost blank, just a tags and categories drop-down boxes on it. I wonder if it’s due to my theme (GeneratePress) or the newest update? It never happened before the update on that theme.

    Report


  2. Totally broke users of The Events Calendar. Thankfully they released a fix within a few hours, but it feels like some of the fixes in 4.8.2 were beyond the scope of a normal patch release and should have been held for a major release.

    Report

Comments are closed.