WordPress Releases Security Update | CISA

News – WordPress 5.7.2 Security Release – WordPress.org

WordPress versions between 3.7 and 5.7.1 are affected by a security vulnerability. An attacker could exploit this vulnerability to take control of an affected system.  CISA encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.7.2.  This fix is for Object injection in PHPMailerCVE-2020-36326 and CVE-2018-19296