WordPress 3.9.2 also contains other security changes:
- Fixes a possible but unlikely code execution when processing widgets (WordPress is not affected by default).
- Prevents information disclosure via XML entity attacks in the external GetID3 library.
- Adds protections against brute attacks against CSRF tokens.
- Contains some additional security hardening, like preventing cross-site scripting that could be triggered only by administrators.
The full list of changes that are in WordPress 3.9.2 is available in the changelog.
Overview
WordPress is an open source CMS, often used as a blog publishing application powered by PHP and MySQL. It has many features including a plugin architecture and a templating system. Used by over 300 of the 10,000 biggest websites, WordPress is the most popular blog software in use today.
It was first released in May 2003 by Matt Mullenweg as a fork of b2/cafelog. As of September 2009, it was being used by 202 million websites worldwide.
Download WordPress
For a full description of the system requirements, and the download links, see: Download WordPress 3.9.2
What's new in WordPress 3.9 "Smith"
WordPress 3.9 "Smith" contains the a number of new features and improvements. More details can be found here.
Source:
WordPress News
No comments:
Post a Comment