Ngocnb

**Name of the Vulnerable Software and Affected Versions** WordPress versions prior to 5.8.3 WordPress versions prior to 4.1.34 **Description** WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. **Recommendations** For WordPress versions prior to 5.8.3, update to version 5.8.3 or later. For WordPress versions prior to 4.1.34, update to version 4.1.34 or later. Keep auto-updates enabled to ensure the latest security patches are applied. At the moment, there is no information about additional mitigation measures for this issue.

**Name of the Vulnerable Software and Affected Versions** WordPress versions prior to 5.8.3 WordPress versions 3.7.37 and earlier **Description** The issue is related to improper sanitization in the WP Query function of the WordPress content management system, which can lead to SQL injection through certain plugins or themes. This may allow a remote attacker to disclose stored credentials. The vulnerability has been patched in WordPress version 5.8.3 and older affected versions have also been fixed via security releases. **Recommendations** For WordPress versions prior to 5.8.3, update to version 5.8.3 or later to resolve the issue. For WordPress versions 3.7.37 and earlier, update to version 3.7.37 or later to resolve the issue. As a general mitigation measure, keep auto-updates enabled to ensure the latest security patches are applied.