As many of you know, WordPress is by far my favorite blogging platform (and the one that I use for this blog).
Three days ago, WordPress 2.6.5 was released, and according to the post on WordPress.org, it contains one security fix and three bug fixes.
From their site:
The security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.
2.6.5 contains three other small fixes in addition to the XSS fix. The first prevents accidentally saving post meta information to a revision. The second prevents XML-RPC from fetching incorrect post types. The third adds some user ID sanitization during bulk delete requests. For a list of changed files, consult the full changeset between 2.6.3 and 2.6.5.
You can download the latest package from WordPress.org/Download.
Filed under: Uncategorized