WordPress

WordPress 4.6.1 Released, Patches Two Security Vulnerabilities

WordPress 4.6.1 is available and users are strongly encouraged to update immediately as it patches two security vulnerabilities. The first is a cross-site scripting vulnerability related to image filenames that was reported by Cengiz Han Sahin, a SumOfPwn researcher. The second is a path traversal vulnerability in the upgrade package (more…)

WordPress 4.7 Development Kicks Off This Week

WordPress 4.7 development officially kicked off at today’s meeting in the #core Slack channel. This release is being led by lead developer Helen Hou-Sandí who has selected Aaron Jorbin and Jeff Paul as release deputies. The first item on the agenda was an update on the upcoming 4.6.1 maintenance release. (more…)