Cancel

belinda@verytwisty.com

WordPress 4.6.1 Released, Patches Two Security Vulnerabilities

WordPress 4.6.1 is available and users are strongly encouraged to update immediately as it patches two security vulnerabilities. The first is a cross-site scripting vulnerability related to image filenames that was reported by Cengiz Han Sahin, a SumOfPwn researcher. The second is a path traversal vulnerability in the upgrade package uploader reported by Dominik Schilling, who led the WordPress 4.6 development cycle and is a member of the WordPress security team.

In addition to the security patches, this release fixes 15 bugs. Since 4.6.1 is a point release, most sites should update automatically. However, if you’d like to update sooner, browse to your WordPress Dashboard and select Updates and click the update now button. Users who encounter any issues with or updating to WordPress 4.6.1 are encouraged to report them in the WordPress support forums.

 

Category:
Tags: ,

SHARE THIS:

LIKE THIS

5 Comments

5 responses to “WordPress 4.6.1 Released, Patches Two Security Vulnerabilities”

  1. My blog stated behaving abnormal after updating to 4.6.1.
    Sometimes it doesn’t let me to log in. what should I do? what could be the reason? any plugin compatibility or anything else?

You may also like

Newsletter

Subscribe Via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

[jetpack_subscription_form subscribe_placeholder=”Email Address” show_subscribers_total=”false” button_on_newline=”false” submit_button_text=”Submit” custom_font_size=”20px” custom_border_radius=”0″ custom_border_weight=”1″ custom_border_color=”#d8d8d8″ custom_button_width=”30%” custom_padding=”15″ custom_spacing=”10″ submit_button_classes=”has-20-px-font-size has-d-8-d-8-d-8-border-color” email_field_classes=”has-20-px-font-size has-d-8-d-8-d-8-border-color” show_only_email_and_button=”true”]