The WordPress developers have closed three gaps in the content management system.
Admins of websites created with the CMS WordPress should install the current version for security reasons. If this does not happen, attackers could target three security gaps.
As can be seen from a post, the current Version 6.0.2 available now. The release does not bring any new functions. This is a security and maintenance update. The next major version 6.1 is planned for November 1st, 2022.
So far, no CVE number has been assigned for any of the three vulnerabilities. One of the gaps is with the threat level “high” classified. For the other two applies “medium“. Due to insufficient checks, attackers could start an SQL attack on the Link API. XSS attacks (stored) are conceivable via the other vulnerabilities.
