News

WordPress 2.8.6 Security Update

12 Nov/09

The WordPress developers have just released a security update for their blogging platform WordPress which raises the version of the software to 2.8.6. It is always recommended to update to a new version of WordPress as soon as possible and especially so for a security release. This release fixes two vulnerabilities that are only relevant for multi-author blogs as they can only be exploited by registered, logged in users with posting rights. This security vulnerability is therefor not affecting the majority of WordPress blogs but those webmasters should nevertheless consider upgrading their blog software right away.

The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch. The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations. Thanks to Benjamin and Dawid for finding and reporting these.

The upgrade is as usual available through various means with the two most popular ones being through an automatic update in the WordPress admin interface and the second trough a download from the official WordPress website. The first is faster and more comfortable while the second offers more control to the user especially if something goes wrong.

This WordPress update does not require an update of the WordPress database. It is however recommended to perform a backup of both the WordPress files on the web server and the MySQL database to be prepared if the update should fail for any reason.

Tags: , , ,

Related posts

Continua a leggere – Original Link: WordPress 2.8.6 Security Update

Technorati Tags: , , , , , , , ,

Realizzazione Sito Gestionale Immobiliare

Leggi Anche

Condividi
Condividi in DeliciousCondividi in DiggCondividi in RedditCondividi in StumbleCondividi in MixxCondividi in TecnoratiCondividi in Ok Notizie

Commenti

I commenti sono disabilitati per questo articolo.

I commenti sono chiusi.

Autore

    Spina Rosario
    Inserito da

Archivio

Iscrizione Newsletter

    Tieniti informato con tutte le novità del mondo informatico con la nostra newsletter
    Email:

    Nome:

    Auto Shop Italia
    Web Burning Blog
    Info Privacy

Meta