Report Incident
× Home Cybertech Africa 2023 2 DPO Rw-CSIRT Website About Rw-CSIRT Alerts Advisories About NCSA Documentation News & Events Topics Contact us Opportunities Privacy Policy

Alert: WordPress Security Updates – December 2023

WordPress has released a security update to address a critical remote code execution (RCE) vulnerability in the open-source content management system (CMS).
 
Affected Systems:
 
Security Risks
 
The identified vulnerability, recognized as a Property-Oriented Programming (POP) chain issue, can be exploited in conjunction with another flaw, potentially enabling attackers to execute arbitrary PHP code on vulnerable websites.
 
Recommended Actions
 
The National Cyber Security Authority (NCSA) strongly recommends to system administrators to:
  • Follow WordPress Security updates to lower the risk of potential exploits, protect systems, and ensure their security.
  • Apply the required and latest security updates as soon as possible.
 
The recommended software version for upgrade is:
 
For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us on 9009.
 
References
 

11 December 2023

© 2025 National Cyber Security Authority