WordPress Update 3.6.1 Security and Bugs Fixes

WordPress Update: This maintenance release fixes 13 bugs in version 3.6, which was a very smooth release.

WordPress 3.6.1 is also a security release for all previous WordPress versions and we strongly encourage you to update your sites immediately.

Fixes Detail

• Deprecate/remove custom-fields.js and categories.js
• Upgrade Network page continues to say Database Upgrade Required
• Once the admin menu is collapsed, the user setting gets stuck on collapsed
• HTML5 support for specific features doesn’t work.
• jquery-1.10.2.min.map 404 error
• Feature notification after update should display only onceis_email_address_unsafe should be case insensitve
• Wrong time displayed for restored posts
• Plugin/Theme/Core Updates Fail When Curl Used and String Function Overloading Configured
• Nav Menu: Bug while assigning a new menu to an existing menu location
• In iOS Safari it’s impossible to type in TinyMCE after zooming in or out while the onscreen keyboard is open comment_form() function treats $args as array before passing $args through wp_parse_args()
• New users are automatically subscribed to the main blog

It addresses three issues fixed by the WordPress security team

• Block unsafe PHP unserialization that could occur in limited situations and setups, which can lead to remote code execution. Reported by Tom Van Goethem.
• Prevent a user with an Author role, using a specially crafted request, from being able to create a post “written by” another user. Reported by Anakorn Kyavatanakij.
• Fix insufficient input validation that could result in redirecting or leading a user to another website. Reported by Dave Cummo, a Northrup Grumman subcontractor for the U.S. Centers for Disease Control and Prevention.

The WordPress team adjusted security restrictions around file uploads to mitigate the potential for cross-site scripting.

Download WordPress 3.6.1 or update now from the Dashboard ? Updates menu in your site’s admin area.

More Information

• Try Online Demo:
  WordPress (Softaculous external link)

• Source Wordpress (Official Website)
  http://wordpress.org/news/

• Start Open WordPress:
  In order to use Wordpress you need a domain name (ex. yoursite.com) and web hosting service.
  If you don’t have a domain name Register a Domain Name.
  To install Wordpress choose one of our hosting plans. (all our packages includes Softaculous).

• Hosted Wordpress
  Contact us if you don’t need a domain or hosting service, and want to use Wordpress anyway.

[otw_is sidebar=otw-sidebar-8]