Just as I finished publishing my previous post, I saw the notification that WordPress 2.8.6 security release is now available for download. Here’s what the official WordPress blog has to say about this new release:
2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.
The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch. The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations. Thanks to Benjamin and Dawid for finding and reporting these.
If you were having problems accessing this blog earlier, it was because I was upgrading my WordPress install to 2.8.6. Although I trust the other authors on my blog, there’s always a possibility that some hacker or malicious user can obtain their login details and use that to compromise my blog. I just want to be sure, play safe and prevent any problems or headaches. As I always say, “better safe than sorry”. If you have other authors on your blog other than yourself, I strongly encourage you to upgrade to WordPress 2.8.6 now.
Written by 
*Don't forget to verify your subscription by clicking the link on the email that Feedburner will send you.*
March 17th, 2010 at 3:41 PM
Great post, good job, keep it up!
November 14th, 2009 at 12:31 PM
They have now implemented a plugin compatibility feature within all the plugin pages on the site…very cool
.-= Dennis Edell´s last blog ..He/She Has Unsubscribed – Should You Ask Why? =-.
November 13th, 2009 at 9:13 PM
Some hackers are using the existing weaknesses in the WordPress blog platform. We must always follow the updated version of WordPress to improve safety performance in blogging with WordPress. And I also had to upgrade to version 2.8.6
Thank you for the information. Greetings of peace from Indonesia
.-= cah ndeso´s last blog ..Block SPAM dengan RECAPTCHA =-.
November 13th, 2009 at 7:43 AM
Good for you for getting this done! I am sort of afraid to upgrade. Seems like every time I do a lot of my plugins stop working. Sigh.
.-= Heather Kephart´s last blog ..Daily Journaling for Children =-.