Maintainers of the PHP programming language patch multiple high-severity vulnerabilities in its core and bundled libraries. The most severe of the vulnerabilities could allow remote attackers to execute arbitrary code and compromise targeted servers. The vulnerabilities could leave hundreds of thousands of web applications that rely on PHP open to code execution attacks. Users and hosting providers are strongly recommended to upgrade their servers to the latest PHP version 7.3.9 7.2.22 and 7.1.32, addressing multiple security vulnerabilities.
Source: https://thehackernews.com/2019/09/php-programming-language.html