WordPress 4.8 was an awesome invention of the WordPress community. With the help of this version, WordPress development companies resolved almost all the errors and bugs found in the previous versions. But the latest WordPress 4.8.2 is now available with top nine security fixes that will enhance the productivity of your website built with WordPress development. Though it is a minor upgrade along with a minor security release and hence if you are using the WordPress, it will be automatically updated within 24 hours if you have enabled the auto update in your platform.
This WordPress update includes solution to fix $wpdb->prepare() to secure against the SQL injection attacks. Though WP core isn’t vulnerable to the SQL injection attacks directly, there are certain plugins and themes that may become vulnerable depending entirely on the way the above function is used.
The maintenance of this updated WordPress version contains the solution for various errors such as Cross Site Scripting (XSS). It fixes the errors caused in oEmbed discovery, The visual editor, The plugin editor, and in template names.
Related: WordPress 4.8: New Key Features
WordPress contains a pretty slick operation for the security of the third party plugins and themes is the finest feature in the recently released updates of the WordPress security.
It is important to crystallize the $wpdb->prepare() because the biggest defense against SQL injection attacks is to make sure that SQL query gets escaped in a correct manner.
This will stop the database engine from treating user supplied data as code and hence stops hackers from corrupting the queries to own ends.
In order to complete your escaping, prepare is the best way!
These security fixes will affect all the versions before 4.8. WordPress states that only 40% of the WordPress websites uses the official and supported version of WordPress.
Avoiding updating of the software is like giving a chance to the criminal to ruin your website. The existence of the vulnerabilities is public. When the software is not upgraded regularly, it becomes more likely to get exploited. It is more important to update to 4.8.2 as soon as possible.
Also read: 10 Tips to Secure Your WordPress Website