WordPress 6.0.2 Patches Vulnerability That Could Impact Millions of Legacy Sites


A high-severity SQL injection vulnerability was fixed in version 6.0.2 of the content management system (CMS), which was released this week according to the WordPress team.

The problem, which was found in the WordPress Link functionality�previously called “Bookmarks"�only affects older installations because the feature is by default turned off on new instals. The security issue, which has a CVSS score of 8.0, needs administrative rights and is difficult to exploit in default installations. Read More…