

~ リリースノート ~
Version 4.8.3 « WordPress Codex


From the WordPress 4.8.3 release post: WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Anthony Ferrara.

This release includes a change in behaviour for the esc_sql() function. Most developers will not be affected by this change, you can read more details in the developer note.

~ 関連ニュース ~
WordPress 4.8.3 Security Release
Version 4.8.3 – WordPress Codex 日本語版
WordPressが「4.8.3」にアップデート、前バージョンで不十分だったSQLインジェクションの問題を修正 -INTERNET Watch
【お知らせ】WordPress 4.8.3 セキュリティリリース | 情報メディア教育研究部門 | 東京大学情報基盤センター