H Automattic μόλις κυκλοφόρησε την νέα έκδοση του WordPress 4.6.1. Είναι μια ενημέρωση ασφαλείας, καθώς οι προηγούμενες εκδόσεις από την WordPress 4.6 και μετά επηρεάζονται από two security gaps:
A cross-site scripting (XSS) through someone's file pictures, reported by SumOfPwn researcher Cengiz Han Sahin
and a path traversal to the package uploader upgrades, reported by Dominik Schilling from the WordPress security team.
WordPress 4.6.1 also fixes 15 4.6 bugs of the XNUMX version that you can see in the following link:
Changed files:
wp-admin/about.php wp-admin/js/editor-expand.js wp-admin/js/editor-expand.min.js wp-admin/includes/media.php wp-admin/includes/class-file- upload-upgrader.php wp-admin/includes/class-language-pack-upgrader.php wp-includes/wp-db.php wp-includes/pluggable.php wp-includes/script-loader.php wp-includes/general-template.php wp-includes/css/editor.css wp-includes/css/editor.min.css wp-includes/css/editor-rtl.css wp-includes/css/editor-rtl.min.css wp-includes/functions.php wp-includes/class-wp-editor.php wp-includes/taxonomy.php wp-includes/load.php wp-includes/version.php wp-includes/class-http.php wp-includes/js/tinymce/skins/wordpress/wp-content.css wp-includes/js/jQuery/jquery.masonry.min.js wp-includes/Requests/Transport/cURL.php wp-includes/revision.php wp-content/plugins readme.html