Hi friends! There is another release from the WordPress folks. As usual this one too is called as a security release. Before releasing the final WordPress 2.9 I think these WordPress folks are going to release many more WordPress versions to make our site / blog secure and more secure.

WordPress 2.8.6 mainly fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended. Due to the ever growing web you never know who are the authors in your blog. How much ever you try to verify them they can fool you. You never know whether the authors you have faithful or are unfaithful.

The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch. The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations.

Although this update is not for all users or in other words is mainly for the bloggers with many authors in one site, I recommend all of you to update your current WordPress to WordPress 2.8.6 to be on the safer side. You never know what can happen next.

“Precaution Is Better Than Cure”

I have updated my WordPress to the latest one and will also request you all to do the same. WordPress 2.8.6 has no problems and can be updated safely.