WordPress 5.7.2 Updates Fix One Serious Vulnerability
On May 13, 2021, WordPress 5.7.2, which fixes a serious vulnerability, was released. This is a security update. WordPress 5.7.2 fixes one security issue.
WordPress 5.7.2 Release Date
WordPress 5.7.2 has been released on May 13, 2021. Update promptly for a security release that fixes a serious vulnerability.
Release dates for each version of WordPress are listed here. Please refer to it when you check the release date of other versions.
What’s new in WordPress 5.7.2
Updating to WordPress 5.7.2 fixes two object injection vulnerabilities in PHPMailer, CVE-2020-36326 and CVE-2018-19296.
If this vulnerability is exploited, there is a risk that a third party can remotely execute arbitrary code.
The NIST (National Institute of Standards and Technology) vulnerability information database also lists the severity as Critical and High.
Scope of the vulnerability
All versions of WordPress from 3.7 to 5.7.1 are affected.
Security releases have been issued for major versions of WordPress 3.7 and later, so please update as soon as possible.
The following requirements are recommended to run WordPress 5.7.2.
- PHP 7.4 or higher
- MySQL 5.6 or higher, or MariaDB 10.1 or higher
- Nginx or Apache
How to update
To update to WordPress 5.7.2, click the Update Now button on the Dashboard Update page.
If automatic updates are enabled, updates will start in the background.
How to Download
WordPress 5.7.2 is available from the download page.
Please refer to the following article on how to download WordPress.
How do I downgrade?
If you upload to WordPress 5.7.2 and find problems, you can downgrade by installing WP Downgrade | Specific Core Version.
Other versions of WordPress 5.7
Other versions of WordPress 5.7.