WordPress 3.5.1 Security update

WordPress 3.5.1 is out.

This is a maintenance and security update.

The security updates are for:

 ■ Server-side request forgery (SSRF) and remote port scanning via pingbacks. Fixed by the WordPress security team.
■ Cross-site scripting (XSS) via shortcodes and post content. Discovered by Jon Cave of the WordPress security team.
■ Cross-site scripting (XSS) in the external library Plupload. Plupload 1.5.5 was released to address this issue.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>