WordPress 6.0.3 security update released

On 17.10.2022 the version 6.0.3 of WordPress was released.

This release is a security release that fixes the following security related bugs among others:

  • Stored XSS via wp-mail.php
  • Open redirect in wp_nonce_ays
  • Sender’s email address is exposed in wp-mail.php
  • Media Library – Reflected XSS via SQLi
  • CSRF in wp-trackback.php
  • Stored XSS via the Customizer
  • Revert shared user instances introduced in 50790
  • Stored XSS in WordPress Core via Comment Editing
  • Data exposure via the REST Terms/Tags Endpoint
  • Content from multipart emails leaked
  • SQL Injection due to improper sanitization in `WP_Date_Query`
  • RSS Widget: Stored XSS issue
  • Stored XSS in the search block
  • Feature Image Block: XSS issue
  • RSS Block: Stored XSS issue
  • Fix widget block XSS

Due to these security related bugs, an update is highly recommended.

Update needed?

You need an update for your wordpress system?
We are happy to support and advise you with this project.

Get free advice