Wordpress 2.8.6

Published on November 13, 2009

Wordpress 2.8.6

    Wordpress updated again .
    I quote the developers blog:
    Version 2.8.6 fixes two security issues that could be exploited by registered and authorized users with publishing rights. If there are extraneous authors on your blog, we recommend that you upgrade to 2.8.6.

    The first problem is the XSS vulnerability in the Press This tab, reported by Benjamin Flesch. The second was discovered by Dawid Golunski - when processing the names of the downloaded files, there was a flaw that could be used on some Apache configurations.


    Updated :)

    By the way, xx.6 is not a record. There were versions before x.x.11 ;)