WordPress 4.8.3 Security Release
by CIRT Team
Description: WordPress 4.8.3 is now available. This is a security release for all previous versions and it is strongly encouraged you to update your sites immediately.
WordPress versions 4.8.2 and earlier are affected by an issue where
$wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability.
Impact: WordPress versions prior to 4.8.3 are affected by a vulnerability. A remote attacker could exploit this vulnerability to obtain sensitive information.
Mitigation: Updates are available. Please see the references or vendor advisory for more information.