Wordpress announced that its new version 3.5.2 is now available and offers fixes for 12 bugs. This is the second maintenance release of version 3.5. Wordpress is “strongly” encouraging users to update their sites and to do so immediately – so, what are you waiting for! Get to it!
This release actually resolved seven security issues and contains several additional security fixes worthy of note, including:
– Blocking server-side request forgery attacks
– Disallowing contributors from improperly publishing posts (or reassigning posts authorship)
– Updated the SWFUpload external library to fix cross-site scripting vulnerabilities
– Prevention of a denial of service attack, affecting sites using password-protected posts.
– Updated an external TinyMCE library to fix another cross-site scripting vulnerability
You can view more by going to WordPess news