WordPress 5.8.1 Released to Fix Multiple Vulnerabilities
WordPress Update 5.8.1 addresses three security issues in REST API, Gutenberg editor and Lodash JavaScript library. Recommends updating now.
WordPress announced a security and maintenance release, version 5.8.1. It is important to update WordPress, especially versions 5.4 to 5.8 in order fix three security issues.
WordPress 5.8.1 Security and Maintenance Release
It’s not uncommon for WordPress or any software for that matter to publish a bug fix update following a major version update in order to fix unforeseen issues as well as introduce improvements that didn’t make it in time for the major release.
In WordPress those updates are called a maintenance release.
This update also includes a security update, which is somewhat uncommon for the WordPress core. That makes this update more important than the typical maintenance release.
WordPress Security Issues Fixed
WordPress 5.8.1 fixes three vulnerabilities:- A data exposure vulnerability within the REST API
- Cross-Site Scripting (XSS) vulnerability in the Gutenberg block editor
- Multiple critical to high severity vulnerabilities in the Lodash JavaScript Library
REST API Vulnerability
The WordPress REST API is an interface that allows plugins and themes to interact with the WordPress core. The REST API has been a source of security vulnerabilities, including most recently with the Gutenberg Template Library & Redux Framework vulnerability that affected over a million websites. This vulnerability is described as a data exposure vulnerability, which means that sensitive information could be revealed. There are no other details at this time regarding what kind of information but it could be as severe as passwords to data that could be used to mount an attack through another vulnerability.WordPress Gutenberg XSS Vulnerability
Cross-Site Scripting (XSS) vulnerabilities happen relatively frequently. They can happen whenever there is a user input like a contact or email form, any kind of input that is not “sanitized” to prevent the upload of scripts that can trigger unwanted behavior in the WordPress installation. The Open Web Application Security Project (OWASP) describes the potential harm of XSS vulnerabilities:“An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page.”This specific vulnerability affects the Gutenberg block editor.
WordPress Lodash JavaScript Library Vulnerabilities
These vulnerabilities may be the most concerning. The Lodash JavaScript library is a set of scripts used by developers that have been found to have multiple vulnerabilities. The latest and safest version is Lodash 4.17.21. The U.S. Homeland Security sponsored CVE List website details the vulnerability:“Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.”There appear to be many other vulnerabilities affecting the Lodash library in the 4.1.7 branch as well.
WordPress Urges Immediate Updating
These security vulnerabilities add a sense of urgency to this update. All publishers are recommended by WordPress to update. The official WordPress announcement recommends updating:“Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 5.4 have also been updated.”
Best and Cheap WordPress 5.8.1 Hosting
The hosting provider that we mean is ASPHostPortal. Who and why ASPHostPortal? ASPHostPortal is one of the best web hosting in the world. Founded in 2008, this company managed by a strong team of web hosting experts. Here are several reasons why you can choose them as your WordPress hosting partner. To make it clear, we have worked out a comprehensive review of the feature, performance, customer service and pricing of this service.
Respected By The WordPress Community
ASPHostPortal is well-respected in the WordPress community, especially for their quick, helpful support. All hosting companies have good and bad customer experiences on the web review, but if you look at ASPHostPortal’s review mentions the majority of feedback is positive.
WordPress 5.8.1 represents a leap forward toward modernizing the content management system. It empowers publishers who don’t know how to code to make changes to how the web page looks without having to know the code. The latest version of WordPress makes it easier for publishers to express themselves creatively. Some may decide to wait a few days before updating in case of bugs. But WordPress thoroughly tests each release so it may be safe to update now. The release methodology includes testing consecutively improved versions the release until the developers feel it’s ready to be used.
Cheap and Reliable WordPress 5.8.1 Hosting Provider
When it comes to choosing the best WordPress 5.8.1 Hosting, we’re bound and determined to find out which company is providing the most value. There are some major components that make up a great host in our opinion, and those are Performance, Knowledge, Speed, Reliability of Support, and Pricing and the overall product offering. After reviewing many WordPress 5.8.1 hosting provider, we highly recommend ASPHostPortal for your WordPress hosting solution. The following are some reasons why ASPHostPortal should be your choice.
ASPHostPortal.com
Without further ado, ASPHostPortal.com was one of our top performers and is especially impressive considering the $5.00 price point for their startup WordPress 5.8.1 hosting plan. ASPHostPortal has been offering hosting services for more than 8 years and is a good option if you are looking for shared hosting. They offer great, reliable hosting at an incredibly good price that is hard to beat from a reputable company. Not only that ASPHostPortal also offers very reliable hosting with easy installation of WordPress 5.8.1, 24/7 support, and a long track record.
ASPHostPortal.com – Fully Support WordPress
All of their servers run the latest versions of WordPress so they will always be able to support your site. All of their servers run the latest versions of WordPress so they will always be able to support your site. You will install the WordPress site for free. ASPHostPortal provides multiple server locations, free CDN and advanced caching options to make both yours and your customers’ experience with WordPress really fast and enjoyable. They also make sure that your WordPress website is safer and better supported than anywhere else.
ASPHostPortal.com – Expert Support Team
Everything starts with impeccable support. The unmatched knowledge, experience, and dedication of their team truly make them stand out. They understand that people are the most important piece of the service they provide, and that is why they are at the top of the list. You’ll notice the difference the first time you talk to one of their WordPress experts.
ASPHostPortal.com – Offers Affordable Price
ASPHostPortal offers affordable price for WordPress hosting plan. Customers can start their WordPress site just from $5.00/mo. They are so confident that you will like their service, so they brave to offer a 30-day money back guarantee on hosting fees. Just cancel before 30 days, and they will refund your entire hosting fee. You can get the cheaper price with their hosting promotion and free add-ons too, for more information just visits their official site at http://asphostportal.com.
ASPHostPortal.com – World Class Data Center
Their data centers are strategically located around the country to provide their customers with the highest levels of availability, service, and support on the market. Their data centers located on the US (Washington & Seattle), Netherlands (Amsterdam), Singapore, Hong Kong, United Kingdom (London), Australia (Melbourne), France (Paris), Germany (Frankfurt), Italy (Milan), India (Mumbai). Each Data Center is custom designed with raised floors. Each Data Center is equipped with HVAC temperature control systems with separate cooling zones, seismically braced racks, advanced early smoke detection and fire suppression systems. Their Data Centers are supported by some of the most powerful physical security in the business. They have 24/7 video surveillance, security breach alarms and Biometric thumbprint scanners at every entryway.