WordPress Update: WordPress 4.1.2 Now Available

WordPress version 4.1.2 is now available to download and contains changes to address the following serious security issues:

  • A serious critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.
  • Files with invalid or unsafe names could be upload.
  • Some plugins are vulnerable to an SQL injection attack.
  • A very limited cross-site scripting vulnerability could be used as part of a social engineering attack.
  • Four hardening changes, including better validation of post titles within the Dashboard.

You can read more about the update: https://core.trac.wordpress.org/log/branches/4.1?rev=32234&stop_rev=32144

You can download WordPress 4.1.2: http://wordpress.org/wordpress-4.1.2.zip

About the Author...

Jennifer Zelazny

I am a Penn State alumni, avid golfer, kick boxer, volunteer, and Chicagoland WordPress developer who always enjoys a refreshing Coca-Cola.