Back to Top
The nuts and bolts for
Creative web development

WordPress 3.5.1 Security and Maintenance Update

“Version 3.5.1 is the first maintenance release of 3.5, fixing 37 bugs”

WordPress 3.5.1 was released, a security and maintenance related update that is recommended to be installed as soon as possible on all live sites running on WordPress. According to the blog post over at the official WordPress blog, 37 bugs were fixed in this release including four security issues and a couple of stability related issues.

 

As far as security goes, the following security issues have been fixed in WordPress 3.5.1.

  • Misuse of pingbacks for remote port scanning and a server side request forgery vulnerability which could lead to information exposure and site compromising.
  • Two cross-side scrippting issues via shortcodes and post content.
  • Another cross-site scripting vulnerability in the Plupload library.
The remaining updates and fixes address an assortment of issues of which two have received a high rating. One fixes an issue where link tags are getting stripped from the editor in WordPress 3.5, the other that scheduled posts trigger non-unfiltered html filters.
Read the full article

Share this Article