A wordpress security update has been released for Debian GNU/Linux 8 LTS

Package : wordpress
Version : 4.1.29+dfsg-0+deb8u1
CVE ID : CVE-2019-20041
Debian Bug : 946905

An input sanitization bypass was discovered in Wordpress, a popular
content management framework. An attacker can use this flaw to send
malicious scripts to an unsuspecting user.

For Debian 8 "Jessie", this problem has been fixed in version
4.1.29+dfsg-0+deb8u1.

We recommend that you upgrade your wordpress packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at:   https://wiki.debian.org/LTS