WordPress 2.8.6 Security Release

Internet, Open Source, Security, WordPress 0 Minutes

WordPress 2.8.6 is available for download. It’s another security release and was released two days ago. Below is a summary from the WordPress development blog:

2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.

The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch. The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations. Thanks to Benjamin and Dawid for finding and reporting these.

You can download WordPress 2.8.6 here.
[ad]

0

Well, now what?

Work with Me

I'm available for hire and always taking new clients, big and small. Got a project or an idea you'd like to discuss? Startup plan but no developer to make it happen? Just get in touch, I'd love to see if I can help you out!

Leave some Feedback

Got a question or some updated information releavant to this post? Please, leave a comment! The comments are a great way to get help, I read them all and reply to nearly every comment. Let's talk. 😀

Longren.io is proudly hosted by DigitalOcean

DigitalOcean

Published by Tyler Longren

Hi! I'm Tyler Longren, a freelance web developer. I'm a father to two beautiful daughters and a car stereo enthusiast. I like PHP, JavaScript, WordPress, Git, HTML5 & CSS3, and other neat things. I really love the open source community, too. You can find me on twitter or Google+, and Github. This is my personal blog and that's it!

Published

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.