WordPress 5.7.2 Security Release is now available. It includes only one security fix. This security release was issued by WordPress and is for all the previous versions. WordPress suggests strongly that you have this update applied to your WordPress website without delay and so do we.
WordPress versions between 3.7 and 5.7 includes the below-mentioned security issue. The update, 5.7.2 fixes that issue. Updates for all the WordPress versions since 3.7 are also available for any users who have not yet updated to 5.7.
WordPress 5.7.2 Security Update
- Object injection in PHPMailer, CVE-2020-36326 and CVE-2018-19296.
We, as WordPressers, owe it to the reporters of these issues for practicing responsible disclosure. The previous version of WordPress, WordPress 5.7.2 was released on 15th April 2021.
You can download WordPress 5.7.2 here or venture over to your WordPress Dashboard > Update and simply click on the Update Now button. Sites that support automatic background updates are already beginning to update to WordPress 5.7.2
WordPress 5.7.2 Security Release is a short-cycle release and the next major release is WordPress 5.8.