WordPress 4.6.1 Security and Maintenance Release

WordPress 4.6.1 Security and Maintenance Release

WordPress 4.6.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename, reported by SumOfPwn researcher Cengiz Han Sahin; and a path traversal vulnerability in the upgrade package uploader, reported by Dominik Schilling from the WordPress security team.

Thank you to the reporters for practicing responsible disclosure.

In addition to the security issues above, WordPress 4.6.1 fixes 15 bugs from 4.6. For more information, see the release notes or consult the list of changes.

Download WordPress 4.6.1 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.6.1.

At Sitemaster our aim is to provide a cost-effective and personalised service that will give you value for money and a return on investment.

My aim with every customer is to build them a website that converts their visitors into customers for a fair and reasonable cost.

View the Portfolio pages and the costing in the Web Design section to get an idea of costings what is possible.

1 reply

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Comment