WordPress three.5.1 is currently obtainable. Version 3.5.1 is that the 1st maintenance unleash of three.5, fixing thirty seven bugs. it’s additionally a security unleash for all previous WordPress versions. For a full list of changes, consult the list of tickets and therefore the changelog, that include:
Editor: stop bound hypertext markup language parts from being unexpectedly removed or changed in rare cases.
Media: Fix a set of minor work flow and compatibility problems within the new media manager.
Networks: recommend correct rewrite rules once making a brand new network.
Prevent regular posts from being stripped of bound hypertext markup language, like video embeds, once they ar printed.
Suppress some warnings that might occur once a plugin ill-used the info or user genus Apis.
Additionally, a bug poignant Windows servers running IIS will stop change from three.5 to 3.5.1. If you receive the error “Destination directory for file streaming doesn’t exist or isn’t writable,” you may have to be compelled to follow the steps made public on the Codex.
WordPress three.5.1 additionally addresses the subsequent security issues:
A server-side request forgery vulnerability and remote port scanning victimisation pingbacks. This vulnerability, that may doubtless be accustomed expose info and compromise a website, affects all previous WordPress versions. This was mounted by the WordPress security team. We’d wish to give thanks security researchers Gennady Kovshenin and Ryan Dewhurst for reviewing our work.
Two instances of cross-site scripting via shortcodes and post content. These problems were discovered by Jon Cave of the WordPress security team.
A cross-site scripting vulnerability within the external library Plupload. due to the Moxiecode team for operating with US on this, and for cathartic Plupload one.5.5 to deal with this issue.