PT-2021-4505 · WordPress · Wordpress

Ehti · Published 2021-09-09 · Updated 2024-03-06 · CVE-2021-39200

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

WordPress versions prior to 5.8.1

Description

The issue is related to the wp_die() function in WordPress, which can leak output data under certain conditions, including sensitive information like nonces. This leaked data can be used to perform actions on behalf of the user. The exploitation of this issue may allow a remote attacker to execute arbitrary code.

Recommendations

For versions prior to 5.8.1, update to WordPress 5.8.1 or later to receive the fix. It is strongly recommended to keep auto-updates enabled to ensure the receipt of the fix. As a temporary workaround, consider restricting access to the wp_die() function until a patch is available.

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2021-05143
BIT-WORDPRESS-2021-39200
BIT-WORDPRESS-MULTISITE-2021-39200
CVE-2021-39200
DSA-4985-1
GHSA-M9HC-7V5Q-X8Q5

Affected Products

Wordpress