WordPress just announced the release of WordPress 3.6.1. This maintenance release fixes 10 bugs and 3 security issues in WordPress version 3.6. The security issues are:
- Block unsafe PHP unserialization that could lead to remote code execution vulnerability.
- Prevent a WordPress user with an Author role from being able to create a post “written by” another WordPress user.
- Fix insufficient input validation that could result in redirecting or leading a user to another website.
Another important fix in WordPress 3.6.1 addresses potential cross—site scripting (XSS) vulnerability in the file uploads section. For a complete list of bugs addressed in WordPress version 3.6.1 click here. Download WordPress version 3.6.1 from here.
Update to WordPress 3.6.1 to Stay Secure
As recommended in many WordPress security tutorials and articles, keeping your WordPress up to date is one of the most efficient ways to keep your WordPress secure. Version 3.6.1 is both a maintenance and security release so we recommend you to UPDATE YOUR WORDPRESS as soon as possible.