WordPress 3.5.1 Security and Maintenance Update

WordPress 3.5.1 was released, a security and maintenance related update that is recommended to be installed as soon as possible on all live sites running on WordPress. According to the blog post over at the official WordPress blog, 37 bugs were fixed in this release including four security issues and a couple of stability related issues.

 

As far as security goes, the following security issues have been fixed in WordPress 3.5.1.

  • Misuse of pingbacks for remote port scanning and a server side request forgery vulnerability which could lead to information exposure and site compromising.
  • Two cross-side scrippting issues via shortcodes and post content.
  • Another cross-site scripting vulnerability in the Plupload library.
The remaining updates and fixes address an assortment of issues of which two have received a high rating. One fixes an issue where link tags are getting stripped from the editor in WordPress 3.5, the other that scheduled posts trigger non-unfiltered html filters.

Place your comment about WordPress 3.5.1 Security and Maintenance Update




You must me logged in to write a comment
Comments

Be the first to place a comment