WordPress 5.8.1 Released to Fix Multiple Vulnerabilities

WordPress Update 5.8.1 addresses three security issues in REST API, Gutenberg editor and Lodash JavaScript library. Recommends updating now.

WordPress announced a security and maintenance release, version 5.8.1. It is important to update WordPress, especially versions 5.4 to 5.8 in order fix three security issues.

WordPress 5.8.1 Security and Maintenance Release

It’s not uncommon for WordPress or any software for that matter to publish a bug fix update following a major version update in order to fix unforeseen issues as well as introduce improvements that didn’t make it in time for the major release.In WordPress those updates are called a maintenance release.This update also includes a security update, which is somewhat uncommon for the WordPress core. That makes this update more important than the typical maintenance release.

WordPress Security Issues Fixed

WordPress 5.8.1 fixes three vulnerabilities:
  1. A data exposure vulnerability within the REST API
  2. Cross-Site Scripting (XSS) vulnerability in the Gutenberg block editor
  3. Multiple critical to high severity vulnerabilities in the Lodash JavaScript Library
All three of the above vulnerabilities are so concerning that the WordPress announcement recommends immediately updating WordPress installations.

REST API Vulnerability

The WordPress REST API is an interface that allows plugins and themes to interact with the WordPress core.The REST API has been a source of security vulnerabilities, including most recently with the Gutenberg Template Library & Redux Framework vulnerability that affected over a million websites.This vulnerability is described as a data exposure vulnerability, which means that sensitive information could be revealed. There are no other details at this time regarding what kind of information but it could be as severe as passwords to data that could be used to mount an attack through another vulnerability.

WordPress Gutenberg XSS Vulnerability

Cross-Site Scripting (XSS) vulnerabilities happen relatively frequently. They can happen whenever there is a user input like a contact or email form, any kind of input that is not “sanitized” to prevent the upload of scripts that can trigger unwanted behavior in the WordPress installation.The Open Web Application Security Project (OWASP) describes the potential harm of XSS vulnerabilities:
“An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script.Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page.”
This specific vulnerability affects the Gutenberg block editor.

WordPress Lodash JavaScript Library Vulnerabilities

These vulnerabilities may be the most concerning. The Lodash JavaScript library is a set of scripts used by developers that have been found to have multiple vulnerabilities.The latest and safest version is Lodash 4.17.21.The U.S. Homeland Security sponsored CVE List website details the vulnerability:
“Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.”
There appear to be many other vulnerabilities affecting the Lodash library in the 4.1.7 branch as well.

WordPress Urges Immediate Updating

These security vulnerabilities add a sense of urgency to this update. All publishers are recommended by WordPress to update.The official WordPress announcement recommends updating:
“Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 5.4 have also been updated.”

Who is The Best WordPress 5.8.1 Cloud Hosting?

Often overlooked, web hosting is one of the key components of every successful website. Choosing the best web hosting for your needs can improve your SEO and increase sales. There are various different types of WordPress hosting options available such as Free, Shared, VPS, Dedicated, and managed WordPress hosting. In this guide, we will help you choose the best WordPress hosting for your website.

To choose the best and affordable WordPress 5.8.1 cloud hosting for your websites, we recommend you going with the best and affordable WordPress 5.8.1 cloud hosting, ASPHostPortal is the leading provider of Windows hosting and affordable WordPress 5.8.1 Hosting. The  price starts from $3.81 per month. To more information about WordPress 5.8.1 cloud hosting  please visit http://asphostportal.com/

Why Choose ASPHostPortal ?

  1. Build Your Website – Use ASPHostPortal.com’s website building tools to get that special, customized look for your website. A nifty wizard will walk you through the process.
  2. All-inclusive prices unbeatable value – Other companies promise cheap hosting, but then charge extra for setup fees, higher renewal rates, or promotional services. With ASPHostPortal.com, the listed price is the number you’ll pay, and you can expect a fully loaded, comprehensive suite of web services.
  3. Fast and Secure Server – ASPHostPortal powerful servers are especially optimized and ensure the best WordPress performance. They have the best data centers on three continent and unique account isolation for security.
  4. Easy to Use and Manage – ASPHostPortal.com web space explorer lets you manage your website files with a browser. A control panel lets you set up and control your server functions with ease.

Conclusion

ASPHostPortal.com as The Best and Affordable WordPress Cloud Hosting

From what we have discussed above, ASPHostPortal.com is a good option for hosting WordPress 5.8.1 websites by highly meeting the installation requirements of this application and offering packages with affordable price and rich features. The key point is that it ensures a reliable hosting environment with blazing-fast page loading speed and provides 24/7 responsive technical support.

error: Content is protected !!