WordPress Releases a Security Update – Version 3.6.1
Hassan Akhtar   – September 11, 2013
1 Comment

WordPress Releases a Security Update – Version 3.6.1

WordPress.org announced a “security release” today for core WordPress files – Version 3.6.1.

A “security release” fixes potential holes in the software that hackers could use to exploit your site. In other words, you should UPDATE RIGHT AWAY.

One of the best security measures you can take is to always update to the latest version of a security release (that’s plugins, themes, and of course the core files).

According the WordPress News blog, the release fixes the following three issues:

FREE EBOOK
Your step-by-step roadmap to a profitable web dev business. From landing more clients to scaling like crazy.

By downloading this ebook I consent to occasionally receive emails from WPMU DEV.
We keep your email 100% private and do not spam.

FREE EBOOK
Plan, build, and launch your next WP site without a hitch. Our checklist makes the process easy and repeatable.

By downloading this ebook I consent to occasionally receive emails from WPMU DEV.
We keep your email 100% private and do not spam.

  • Block unsafe PHP unserialization that could occur in limited situations and setups, which can lead to remote code execution.
  • Prevent a user with an Author role, using a specially crafted request, from being able to create a post “written by” another user.
  • Fix insufficient input validation that could result in redirecting or leading a user to another website.

Version 3.6 has been downloaded over 7 million times. Here’s hoping 3.6.1 is downloaded just as many times.

Tags: