A new update to WordPress viz. WordPress 3.5.2 is now available to download. This update includes some security fixes and some fixes on maintenance related issues. This is an overall security release so it is highly recommended to update WordPress as soon as possible. This time security team has overcome 12 bugs and some security issues.
Some of the updates are:
- Server side request forgery attacks have been successfully blocked. These attacks enabled attackers to gain access over the site via a very harmful attack. Many blogs have been the kill of these attacks but now you don’t need to worry about them.
- Contributors have been disallowed from publishing improper/incomplete posts. This update was very necessary if you are running your blog with lots of contributors. There’s also been an update in Media Manager. SWFUpload external library has been updated to fix cross-site scripting vulnerabilities
- Your password protected posts are now more secure as an update has been made to prevent denial of service attack. An external update to TinyMICE has also been made to fix a cross-site scripting vulnerability.
- There are many other minor and major updates made.
This was an essential update for WordPress. It is highly recommended that you update your WordPress right away, so that your blog/website meet the security requirements. We have already updated few blogs to WordPress 3.5.2and the updates went through smoothly, but it is still advised that you make a backup before you continue.
You can download the latest version or get instructions on updating WordPress here.