There are many websites are around the web. More than 30% of websites are built using the CMS WordPress.
Recently WordPress has released a new version 5.2.4.
- Stored XSS can be added using customizer.
- Unauthenticated ports can be viewed.
- Method to poison the cache of JSON GET requests via the Vary: Origin header
- Server-side request forgery in the way that URLs are validated.
- Referral validation in the admin.
If your website is using WordPress. Update it to 5.2.4 as soon as possible because hackers usually target the old WordPress version as they are easy to exploit.