We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.

WordPress Update Patches Four Security Flaws

Download our in-depth report: The Ultimate Guide to IT Security Vendors

WordPress 3.5.1 was recently released, fixing 37 bugs and patching four vulnerabilities.

"Security issues addressed in the update include a server-side request forgery problem that allowed the exposure of information through pingbacks," The H Security reports. "According to the developers, this vulnerability could help attackers compromise an unpatched WordPress site. Cross-site scripting vulnerabilities were fixed in the external Plupload library and in the shortcode and post content handling."

"Webmasters can update their sites from within the admin dashboard if the site has been properly configured to be updated this way," writes Ghacks Technology News' Martin Brinkmann. "If this is not the case or desired, it is alternatively possible to download the latest version from the official WordPress website to install it manually on the server."

Submit a Comment

Loading Comments...