WordPress 4.1.2 is now available


WordPress 4.1.2 has been released and available for download or update in your WordPress dashboard. This is the second maintenance release of 4.1 ("Dinah"), addressed a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.

Download WordPress
WordPress 4.1.2 is available for download or update in WordPress dashboard. Sites that support automatic background updates will be updated to WordPress 4.1.2. For a full description of the system requirements, and the download links, see: Download WordPress 4.1.2


Overview
WordPress is an open source CMS, often used as a blog publishing application powered by PHP and MySQL. It has many features including a plugin architecture and a templating system. Used by over 300 of the 10,000 biggest websites, WordPress is the most popular blog software in use today.

It was first released in May 2003 by Matt Mullenweg as a fork of b2/cafelog. As of September 2009, it was being used by 202 million websites worldwide.

WordPress 4.1 "Dinah" includes a number of new features that help you focus on your writing. This update also comes with new default theme that lets you show it off in style. More details can be found here.

What's new in WordPress 4.1.2
Version 4.1.2 addressed a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. It also fixed three other security issues:
  • In WordPress 4.1 and higher, files with invalid or unsafe names could be uploaded.
  • In WordPress 3.9 and higher, a very limited cross-site scripting vulnerability could be used as part of a social engineering attack.
  • Some plugins were vulnerable to an SQL injection vulnerability.

The full list of changes that are in WordPress 4.1.2 is available in the changelog.

Source:
WordPress News

No comments: