By Thilak November 13, 2009

WordPress 2.8.6 Security Update for Multi-Author Blogs

wordpress-logo WordPress 2.8.6 was just released. It’s a security update which fixes two major bugs which can exploited by registered, logged in users who have posting rights. Here’s an excerpt from WordPress Blog:

The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch.  The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations. Thanks to Benjamin and Dawid for finding and reporting these.

If merely you have the posting privileges on your blog, there is no reason to be worried. But still it’s strongly recommended to upgrade your WordPress blog whenever an update is released. You can upgrade either by downloading WP 2.8.6 and then uploading it to your server (read how-to), or using one-click upgrade from WordPress Dashboard.

It’s always a healthy practice to back-up your MySQL database before running the update.

Related Posts that you may like:

Discussion

Comments for “WordPress 2.8.6 Security Update for Multi-Author Blogs”

  • It is a must for multi-author blog
  • This update was really unexpected.. though this update seems to be only for those
    who have multi author blogs or is it for every one?
  • Well, the bug seems to affect only multi-authored blogs.
blog comments powered by Disqus

Welcome to TechBuzz

TechBuzz is a technology blog read by 3000+ readers every day. We regularly write about new trends in technology, useful computer application and new web services. If you are new here, please subscribe our feed or opt for email updates to get new articles to your inbox.

Free Daily Updates

You can get fresh daily articles delivered straight to your feed reader or email inbox. Please subscribe to our RSS feed or opt for our free newsletter

Recent Posts

Google’s Chrome Tablet Concept Revealed
Google’s Chrome Tablet Concept Revealed
February 3, 2010
By Thilak
Ixquick. Ixquick allows users to surf the web with complete privacy. It let’s users surf the world wide web safely without revealing any personally identifiable or private information to the websites being viewed.

Ixquick is a free service which provides complete anonymity to the user enabling the user to surf the internet anonymously and safely. They claim it to be world’s most private search engine.

Surf The Internet Anonymously With Ixquick!

Surf The Internet Anonymously With Ixquick!
January 28, 2010
By Meghan
Apple iPad Unveiled
Apple iPad Unveiled
January 28, 2010
By Meghan
Happy New Year!
Happy New Year!
January 1, 2010
By Meghan
WordPress Version 2.9 Is Out!
WordPress Version 2.9 Is Out!
December 19, 2009
By Meghan