App development

CMS

Company news

E-commerce solutions

Internet

SEO

SMO

Technology

Templates

Web Design

Web Development

WordPress 3.6.1 Maintenance and Security Release

Sep 17, 2013, by admin

WordPress 3.6.1 Maintenance and Security Release

After nearly 7 million downloads of WordPress 3.6, WordPress announce the availability of version 3.6.1. This maintenance release fixes 13 bugs in version 3.6, which was a very smooth release.

WordPress 3.6.1 is also a security release for all previous WordPress versions and WordPress strongly encourage all to update your sites immediately. It addresses three issues fixed by the WordPress security team:

  • Block unsafe PHP unserialization that could occur in limited situations and setups, which can lead to remote code execution. Reported by Tom Van Goethem.
  • Prevent a user with an Author role, using a specially crafted request, from being able to create a post “written by” another user. Reported by Anakorn Kyavatanakij.
  • Fix insufficient input validation that could result in redirecting or leading a user to another website. Reported by Dave Cummo, a Northrup Grumman subcontractor for the U.S. Centers for Disease Control and Prevention.

Additionally, it also adjusted security restrictions around file uploads to mitigate the potential for cross-site scripting.

Download WordPress 3.6.1 or update now from the Dashboard → Updates menu in your site’s admin area.