WordPress 3.5.1

This morning, WordPress Developer Team has suprised everyone that use their famous CMS when, at top of our admin area, we can read «WordPress 3.5.1 is ready! Please update now».

This update was launched yesterday, January 24, and its a maintenance and security update. 37 bugs has been fixed, including:

  • Editor: Prevent certain HTML elements from being unexpectedly removed or modified in rare cases.
  • Media: Fix a collection of minor workflow and compatibility issues in the new media manager.
  • Networks: Suggest proper rewrite rules when creating a new network.
  • Prevent scheduled posts from being stripped of certain HTML, such as video embeds, when they are published.
  • Work around some misconfigurations that may have caused some JavaScript in the WordPress admin area to fail.
  • Suppress some warnings that could occur when a plugin misused the database or user APIs.

Additionally: WordPress 3.5.1 fixes a few security issues:

  • Server-side request forgery (SSRF) and remote port scanning via pingbacks. Fixed by the WordPress security team.
  • Cross-site scripting (XSS) via shortcodes and post content. Discovered by Jon Cave of the WordPress security team.
  • Cross-site scripting (XSS) in the external library Plupload. Plupload 1.5.5 was released to address this issue.

A full log of the changes made for 3.5.1 can be found at this page.

«WordPress 3.5.1 is ready! Please update now.»

¿Te ha gustado el artículo?
Sé el primero en calificar esta publicación.
1 estrella2 estrellas3 estrellas4 estrellas5 estrellas
Loading...

Suscríbete. Déjanos tu email y recibe contenido genial cada mes


Artículo escrito por

¡Exprésate! Dejanos tu comentario

Tu dirección de correo electrónico no será publicada.



Aún no hay comentarios en esta entrada. ¿Te animas?