The current version of the Content Management System (CMS) WordPress 4.8.2 is a pure security update. This already appeared in the last week. In many media, it’s once again emphasizing the need to install the latest version as quickly as possible.
Overall, the release includes eight vulnerabilities. The vulnerabilities are supposed to flare in all previous versions. Most of these are XSS gaps. Security researchers have reported a large part of the vulnerabilities via the bug bounty platform Hacker One. WordPress does not reveal any details on the gaps at the moment – there is still a classification of the degree of threat.
For the current version, the developers specify to have hardened the $ wpdb-> prepare () method. So there should be fewer starting points for SQL attacks.