TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

Researchers discover potential issues with WordPress 5.6 update

WordPress has started the official rollout of its latest version, WordPress 5.6, and it’s drawing attention from developers and security researchers for both good and bad. WordPress’s newest update did not break any website like it did the last time on the bright side.

WordPress 5.6 Update

WordPress 5.6 now available

The update for the Enable jQuery Migrate Plugin helped a lot of websites to stay afloat. However, security researchers have already discovered a vulnerability that can lead to a WordPress website’s full takeover. This means one of the improvements in WordPress 5.6 has posed a considerable risk to social engineering attacks.

The bigger problem with the update was discovered by Wordfence, a developer who works in the security, privacy, and overall development of WordPress and related products. Wordfence has already demonstrated how the flaw could lead to site owners losing access to their website.

The company says that a form of social engineering and phishing would be used to trick a site owner into requesting the WordPress site password, but, in reality, an attacker may be running a malicious script. The problem happens because of the REST API authentication with Application Passwords that WordPress 5.6 has introduced.

Apart from this flaw, however, the WordPress 5.6 update can be called a near-success. WordPress had taken good care of the Enable jQuery Migrate plugin on the good side of things so that customers wouldn’t be facing outages on their websites.

This part was handled well compared to the WordPress 5.5 update that caused a tremble across the World Wide Web. On the not-so-great side of things, WordPress 5.6 now ships with a new version that should work with PHP 8. However, some developers have found that the PHP 8 compatibility of the latest WordPress version is mostly on paper.

Although WordPress said that “5.6 marks the first steps towards WordPress Core support PHP 8,” the real emphasis should be on the term “first steps.” That is, plugin and theme developers should check on the real-world practicality of the PHP 8 support on WordPress before rolling them out.

At the same time, other major changes brought to the forefront by the WP 5.6 updates are loved by developers worldwide.

Published on Tags:

TanmayPatange@TWCN

Tanmay loves writing about Technology, Internet, Apps, Social Media, and Cybersecurity. He also tracks OTT video content streaming space and likes to spend his weekends watching plays. You can contact him on Twitter @techtsp.