WordPress 2.6.5 – All Should Upgrade

WordPress 2.6.5 is immediately available and fixes one security problem and three bugs. We recommend everyone upgrade to this release, in order to make your blog as secure as possible.

The security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.

2.6.5 contains three other small fixes in addition to the XSS fix. The first prevents accidentally saving post meta information to a revision. The second prevents XML-RPC from fetching incorrect post types. The third adds some user ID sanitization during bulk delete requests.

Note that WordPress are skipping version 2.6.4 and jumping from 2.6.3 to 2.6.5 to avoid confusion with a fake 2.6.4 release that made the rounds. There is not and never will be a version 2.6.4.

This entry was posted in Software and tagged , , . Bookmark the permalink.

4 Responses to WordPress 2.6.5 – All Should Upgrade

  1. Alex Fraiser says:

    I have upgraded my site. And I’m not one of those people who complain about upgrading a lot either, I always feel better after an upgrade.

  2. Yeah it’s best to upgrade to avoid having your site exploited by vulnerabilities.

  3. Dan says:

    This might be a little off subject, but have you looked at seoclientprospectingrobot dot com? Just wondering if you have any reviews of it, I’m thinking of buying a copy, and wanted to see if anyone had bought a copy yet.

  4. nihoomsmync says:

    Очень понравился ваш блог! Подписался на rss. Буду регулярно читать.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>