WordPress 3.8.2: Security Release

WordPress has recently released its latest update: WordPress 3.8.2 version. This is a security release for all previous versions. According to WordPress.org, the latest version fixes the following

  • a weakness that could let an attacker force their way into your site by forging authentication cookies
  • prevent a user with the Contributor role from improperly publishing posts

In addition, this security release also contains 3 other security hardening changes:

  • passes along additional information when processing pingbacks to help hosts identify potentially abusive requests
  • fix a low-impact SQL injection by trusted users
  • prevent possible cross-domain scripting through Plupload, the third-party library WordPress uses for uploading files

Since this is only a security update, your WordPress may have been updated automatically (websites that support automatic background updates will be updated within 12 hours). But to ensure your WordPress website is updated, it is recommended to log in to your site and check if update is required. To update, log in to your WordPress dashboard and the update button is listed on top of the browser. To learn more about the update, please read this blog post from WordPress.org

Comments are closed.