Return-Path: <noreply@n3plcpnl0143.prod.ams3.secureserver.net>
Delivered-To: mf2lfas89ljs@n3plcpnl0143.prod.ams3.secureserver.net
Received: from n3plcpnl0143.prod.ams3.secureserver.net
	by n3plcpnl0143.prod.ams3.secureserver.net with LMTP
	id EJnfK/dAZGTx9ysAT/a0/Q
	(envelope-from <noreply@n3plcpnl0143.prod.ams3.secureserver.net>)
	for <mf2lfas89ljs@n3plcpnl0143.prod.ams3.secureserver.net>; Tue, 16 May 2023 19:50:31 -0700
Return-path: <noreply@n3plcpnl0143.prod.ams3.secureserver.net>
Envelope-to: mf2lfas89ljs@n3plcpnl0143.prod.ams3.secureserver.net
Delivery-date: Tue, 16 May 2023 19:50:31 -0700
Received: from root by n3plcpnl0143.prod.ams3.secureserver.net with local (Exim 4.95)
	(envelope-from <noreply@n3plcpnl0143.prod.ams3.secureserver.net>)
	id 1pz7FH-00C7F3-KR
	for mf2lfas89ljs@n3plcpnl0143.prod.ams3.secureserver.net;
	Tue, 16 May 2023 19:50:31 -0700
To: mf2lfas89ljs@n3plcpnl0143.prod.ams3.secureserver.net
Subject: [Installatron] WordPress 5.8.7 now available (security release)
Date: Tue, 16 May 2023 20:50:31 -0600
From: noreply@n3plcpnl0143.prod.ams3.secureserver.net
Message-ID: <91c1e33474a12b4bf775a6d4df4bc1b6@n3plcpnl0143.prod.ams3.secureserver.net>
X-Mailer: Installatron Plugin 9.1.59 (278)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This is an automated email from Installatron. To unsubscribe from these emails or to change notification settings, login to your web hosting control panel, navigate to the Installatron tool, and select the installed applications you wish to modify.

An update to WordPress 5.8.7 (security release) is now available for the WordPress installations you are managing using Installatron. The following can be updated:

- http://www.govirtue.store


The changes for this version are:

This minor release features 20 bug fixes in Core and 10 bug fixes for the block editor. This release also features several security fixes. 

Security
* Block themes parsing shortcodes in user generated data; thanks to Liam Gladdy of WP Engine for reporting this issue
* A CSRF issue updating attachment thumbnails; reported by John Blackbourn of the WordPress security team
* A flaw allowing XSS via open embed auto discovery; reported independently by Jakub Żoczek of Securitum and during a third party security audit
* Bypassing of KSES sanitization in block attributes for low privileged users; discovered during a third party security audit.
* A path traversal issue via translation files; reported independently by Ramuel Gall and during a third party security audit.

Login to your web hosting control panel and navigate to the Installatron tool to update your installed applications.

End of report.

