WordPress has released a security update for it’s most popular blogging platform WordPress 3.1.2. This security updates fixes vulnerability that allowed Contributor-level users to improperly publish posts. This vulnerability was a privately reported and was detected by in-house security team, so this exploit was not available online. Some more issues are also fixed in this update.

Problems fixed in WordPress 3.1.2

  • Fix a vulnerability that allowed Contributor-level users to improperly publish posts. (r17710)
  • Fix user queries ordered by post count. (#17123)
  • Fix multiple tag queries. (#17054)
  • Prevent over-escaping of post titles when using Quick Edit for pages. (#17218)

This is a mandatory update, WordPress  administrators can update their blogs automatically within the admin dashboard or can manually download the version and run the update script. I have updated few of my blogs without any problem.

You can check the release note at official WordPress page

Direct download WordPress 3.1.2

List of Files Changed

wp-includes/post-template.php
wp-includes/version.php
wp-includes/user.php
wp-includes/query.php
readme.html
wp-admin/includes/class-wp-posts-list-table.php
wp-admin/includes/update-core.php
wp-admin/press-this.php

4 COMMENTS

  1. This is a great download! I’m currently using the recent version. However, since I came across this awesome knowledge, I got to consider upgrading to this new version. It’s great news knowing that WordPress 3.1.2 has fixed the problems we encountered in previous versions. I guess the best thing about this upgraded version is its prevention on over-escaping post titles. Thanks a lot for sharing this news!

LEAVE A REPLY

Please enter your comment!
Please enter your name here