Stay up to date with our newest WordPress themes, WordPress plugins, WordPress tutorials, and other announcements.
It was just announced yesterday that WordPress 2.8.5 has been released, which is considered a “security hardening” release. Here are some of the updates and fixes:
- A fix for the Trackback Denial-of-Service attack that is currently being seen.
- Removal of areas within the code where PHP code in variables was evaluated.
- Switched the file upload functionality to be whitelisted for all users including admins.
- Retiring of the two importers of tag data from old plugins.
If you’re wondering what the difference between a “hardening release” and a “security release” is, I don’t think there is any. The only difference to me seems that people don’t seem to complain as much about hardening releases as they do security releases.
I just upgraded to 2.8.5 yesterday with the automatic upgrader and everything seems to be running smoothly.