WordPress 3.6.1 Maintenance and Security Release

By Robert Abela on September 12th, 2013 in WordPress Security News

WordPress just announced the release of WordPress 3.6.1. This maintenance release fixes 10 bugs and 3 security issues in WordPress version 3.6. The security issues are:

  • Block unsafe PHP unserialization that could lead to remote code execution vulnerability.
  • Prevent a WordPress user with an Author role from being able to create a post “written by” another WordPress user.
  • Fix insufficient input validation that could result in redirecting or leading a user to another website.

Another important fix in WordPress 3.6.1 addresses potential cross—site scripting (XSS) vulnerability in the file uploads section. For a complete list of bugs addressed in WordPress version 3.6.1 click here. Download WordPress version 3.6.1 from here.

Update to WordPress 3.6.1 to Stay Secure

As recommended in many WordPress security tutorials and articles, keeping your WordPress up to date is one of the most efficient ways to keep your WordPress secure. Version 3.6.1 is both a maintenance and security release so we recommend you to UPDATE YOUR WORDPRESS as soon as possible.

WordPress Hosting, Firewall and Backup

WP White Security is hosted on A2 Hosting, protected with BBQ:Block Bad Queries Firewall and backed up with BlogVault online WordPress backup service

Leave a Reply

Your email address will not be published. Required fields are marked *