TTCSIRT-394.05.14.21 TTCSIRT ADVISORY- WORDPRESS 5.7.2 SECURITY RELEASE
WordPress 5.7.2 is now available. This security release features one security fix. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated.
WordPress 5.7.2 is a short-cycle security release. The next major release will be version 5.8.
You can update to WordPress 5.7.2 by downloading from WordPress.org, or visit your Dashboard → Updates and click Update Now.
If you have sites that support automatic background updates, they’ve already started the update process.
Security Updates
One security issue affecting WordPress versions between 3.7 and 5.7. If you haven’t yet updated to 5.7, all WordPress versions since 3.7 have also been updated to fix the following security issue:
- Object injection in PHPMailer, CVE-2020-36326 and CVE-2018-19296.
The Trinidad and Tobago Cybersecurity Incident Response Team (TTCSIRT) strongly encourages users and administrators to review and perform the relevant updates.
For further insight on this advisory kindly follow the link below:
https://wordpress.org/news/2021/05/wordpress-5-7-2-security-release/