It’s time to update your WordPress. Yes! WordPress v 2.8.6 has been released. This update fixes two major security problems.
- The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch.
- The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations.
Visit WordPress.org/download/ to get your updated WordPress.