On October 12, 2023, WordPress.org released a security update to the WordPress core, version 6.3.2, addressing seven specific security vulnerabilities and one potential security issue. The vulnerabilities include a wide range of threats like cross-site scripting (XSS), detailed information exposure through user search, and denial of service (DoS) via cache poisoning. The potential security issue could be associated with remote code execution.
Most WordPress sites update core automatically, and it’s recommended to update as soon as possible if your WordPress version isn’t either the updated 6.3.2 or any other recently patched versions. Several of these vulnerabilities were discovered thanks to WordPress’ security research partners like Patchstack and the WordPress Core Team.
As a provider of WordPress expertise, we acknowledge the importance of such updates and aim to ensure our non-technical users are secured against these threats. We remain committed to user safety and continuously adapt to security enhancements that serve to bolster the overall user experience.
Read the original article.