WordPress 3.5.2 Upkeep and Safety Launch – San Francisco

WordPress 3.5.2 Upkeep and Safety Launch – San Francisco

WordPress 3.5.2 is now obtainable. That is the second upkeep launch of three.5, fixing 12 bugsIt is a safety launch for all earlier variations and we strongly encourage you to replace your websites instantly. The WordPress safety crew resolved seven safety points, and this launch additionally accommodates some extra safety hardening.

The safety fixes included:

  • Blocking server-side request forgery assaults, which may doubtlessly allow an attacker to achieve entry to a website.
  • Disallow contributors from improperly publishing posts, reported by Konstantin Kovshenin, or reassigning the put up’s authorship, reported by Luke Bryan.
  • An replace to the SWFUpload exterior library to repair cross-site scripting vulnerabilities. Reported by mala and Szymon Gruszecki. (Builders: Extra on SWFUpload here.)
  • Prevention of a denial of service assault, affecting websites utilizing password-protected posts.
  • An replace to an exterior TinyMCE library to repair a cross-site scripting vulnerability. Reported by Wan Ikram.
  • A number of fixes for cross-site scripting. Reported by Andrea Santese and Rodrigo.
  • Keep away from disclosing a full file path when a add fails. Reported by Jakub Galczyk.

We appreciated responsible disclosure of these points immediately to our safety crew. For extra info on the adjustments, see the release notes or seek the advice of the list of changes.

Download WordPress 3.5.2 or replace now from the Dashboard → Updates menu in your website’s admin space.

Additionally: WordPress 3.6 Beta 4: If you’re testing WordPress 3.6, please observe that WordPress 3.6 Beta 4 (zip) contains fixes for these safety points.

Cogknockers is a San Francisco WordPress Development Agency with 20+ Years Experience.  WordPress Design is at the core of our services.

Share this post

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email

Recent News


Scroll to Top