WordPress Logo Alert NoticeWordPress 3.5.2 Released

WordPress 3.5.2 was released and you need to update your site immediately as the WordPress team fixed 12 bugs.

Security Fixes Include:

  • Blocking server-side request forgery attacks, which could potentially enable an attacker to gain access to a site.
  • Disallow contributors from improperly publishing posts, or reassigning the post’s authorship.
  • An update to the SWFUpload external library to fix cross-site scripting vulnerabilities.
  • Prevention of a denial of service attack, affecting sites using password-protected posts.
  • An update to an external TinyMCE library to fix a cross-site scripting vulnerability.
  • Multiple fixes for cross-site scripting.
  • Avoid disclosing a full file path when a upload fails.

Original Article: http://wordpress.org/news/2013/06/wordpress-3-5-2/

Original Article: http://codex.wordpress.org/Version_3.5.2