Categories: Articles

WordPress 2.6.5

WordPress 2.6.5 is immediately available and fixes one security problem and three bugs. We recommend everyone upgrade to this release.

The security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.

2.6.5 contains three other small fixes in addition to the XSS fix. The first prevents accidentally saving post meta information to a revision. The second prevents XML-RPC from fetching incorrect post types. The third adds some user ID sanitization during bulk delete requests. For a list of changed files, consult the full changeset between 2.6.3 and 2.6.5.

Note that we are skipping version 2.6.4 and jumping from 2.6.3 to 2.6.5 to avoid confusion with a fake 2.6.4 release that made the rounds. There is not and never will be a version 2.6.4.

Get WordPress 2.6.5.

check out the story at WordPress Development

Web Master

Hi, I am Miguel, I bought this site in 2009. So I now run or manage the site. Please visit my new website or follow me on twitter @W3i.

View Comments

Recent Posts

Weblog Tools Collection: WP-commerce Podcast

Jeff Chandler has done a great interview with Dan Milward of Instinct. Check it out…

4 weeks ago

WPZoom: WordPress related Firefox Addons

Firefox is regarded as the best Web browser in terms of extensions. It has hundreds…

4 weeks ago

MissyWard.com

4 weeks ago

cforms II now GPL compliant

Well, it was a long run, ok, only 24 hours when Mr. Seidel's announced that…

4 weeks ago

Goodbye to cforms II

If you are using the cforms II, you may want to head over to Mr.…

4 weeks ago

Revolution Two: Church Theme

Benefits include the Church theme, unlimited theme support answered by our experts, customization techniques with…

4 weeks ago