0.004 Low
EPSS
Percentile
74.7%
Authenticated Object Injection in Multisites discovered by Simon Scannell (SonarSource) in WordPress (versions <= 5.8.2).
Update WordPress to the latest available version (at least 5.8.3).
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21663
github.com/WordPress/wordpress-develop/security/advisories/GHSA-jmmq-m8p8-332h
patchstack.com/articles/wordpress-core-5-8-3-security-vulnerabilities/
wordpress.org/news/2022/01/wordpress-5-8-3-security-release/