Last Updated on September 11, 2021 by Calvin C.
If you have not yet updated your WordPress site to 5.8.1, consider doing so because the WordPress update fixed 3 vulnerabilities in versions 5.4 to 5.8.
In addition, this release also fixed 60 bugs but more importantly, since it is a security release, it is important that you update your site immediately.
Updating your WordPress site is easy and if it is set to auto-update, there is no need to do anything as the update takes place automatically.
If you check your email, you should get the message informing you that your site has been updated.
To update your site manually, go to WordPress Dashboard > Updates > click Update now.
Security issues that have been fixed
These security issues affected WordPress 5.4 to 5.8 and are as follows:
- Data exposure vulnerability within the REST API
- XSS vulnerability in the block editor
- Update of the Lodash library to version 4.17.21 in each branch to incorporate upstream security fixes
WordPress gave credit to reporters of the vulnerabilities and you can follow the link to read more about the update.
According to WordPress, the release was spearheaded by Jonathan Desrosiers and Evan Mullins. A long list of other contributors is available on the official site.
Fortunately, the security fixes were done before any WordPress sites had been attacked.
Make sure you look out for security updates as a website with vulnerabilities is exposed to attackers. This also applies to plugins so it’s better to enable auto-updates.
In June 2021, the Fancy Product Designer plugin had a vulnerability that allowed attackers to upload executable PHP files in websites with the plugin.
A patched version was quickly released to address the issue and this goes to show how important it is to keep your website up-to-date.
Share the article on social media and subscribe so that you don’t miss latest updates.