On 9 September, wordpress launched its latest version intending to promote the security levels and fix the vulnerabilities. This new update basically focuses on 3 security issues and 60 bugs that are commonly faced by developers and website admins. This new update involves cross-site scripting vulnerability in Gutenberg block editor, REST API vulnerabilities, security fixes in Lodash JavaScript Library.
What Makes WordPress 5.8.1 Different From Other Versions?
- Effectively eliminate data leakage issues from REST API
It eliminates the data leakage issue from REST API and improves the security performance of websites. However, REST API is a kind of interface in wordpress that promotes the interaction of plugins and themes in the core of wordpress.
Through this interface source, millions of websites have the threat of data leakage as it’s a major source of security vulnerabilities. Millions of websites are directly affected by this interface source that ultimately affects their performance and functionality. With the update in REST API, security vulnerabilities can be improved, and sensitive data get protection against security threats.
Read also: Trump launches his own social media platform
- Improve XSS vulnerabilities
In wordpress, there’s a high frequency of vulnerabilities in cross-site scripting or XSS caused by the user’s input field like in email form and the unsanitized scripts that lead to undesirable transform of the wordpress installation. There are many potential XSS vulnerabilities and also described by OWASP (Open Web Application Security Project) that is as follow:
“XSS or Gutenberg block editor is an easy source for an attacker to send malicious scripts to an unsuspecting user. The script will not be trusted and executed at the end of the user;s browser because they think that the script is sourced from a trusted getaway, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. Even the unwanted scripts can rewrite the HTML page content.”
WordPress 5.8.1 has the potential to fix all the bugs and vulnerabilities in the Gutenberg block editor.
- Security fixation in Lodash JavaScript Library
Issues in Lodash is a concerning point as it is used by millions of web developers to set the script. Multiple issues and bugs are always indulged in this section of wordpress. However, the latest version of Lodash is 4.17.21 and vulnerabilities are also associated with it that is also described in the vulnerabilities in the CVE website list of the U.S. Homeland Security.
“Lodash versions prior to 4.17.21 are not accessible and protected by Command Injection via the template function.” The newest version of wordpress, wordpress 5.8.1, will effectively fix the security vulnerabilities for Lodash.
Read also: What is Blogging?
Get More About WordPress 5.8.1
This latest version requires specific server support such as:
- PHP 7.4 or higher
- MariaDB 10.1 or higher or MySQL 5.6 or higher
- Nginx or Apache
Moreover, installation of WordPress 5.8.1 is very simple and easy. You can easily download the latest version via visiting the dashboard’s update page and simply select the button of Update Now and get the latest version. Alternatively, you can download it also from the official website of wordpress. Additionally, if you are using the 5.4 version of wordpress, it is advisable to quickly switch it to this latest one.
