3.6.1. Security Release Update
WordPress have announced a security release for core WordPress files, sealing up potential points of access for hackers. The maintenance update fixes 13 bugs; below there is more detail on the fixes from the WordPress news blog.
The latest version is Version 3.6.1 – if you haven’t already, update now.
- Block unsafe PHP unserialisation that could occur in limited situations and setups, which can lead to remote code execution.
- Prevent a user with an Author role, using a specially crafted request, from being able to create a post “written by” another user.
- Fix insufficient input validation that could result in redirecting or leading a user to another website.
Alternatively, download here.