WordPress 3.1.3

By Justin Parra

This is a just a quick reminder to all of our friends using WordPress.  Make sure you update to the new version- 3.1.3.   This will likely be the last version before 3.2.  It has several security fixes.  One of the most common reasons for getting hacked is having as outdated (and vulnerable) version!  Here are some of the updates that were made:

  • Various security hardening by Alexander Concha.
  • Taxonomy query hardening by John Lamansky.
  • Prevent sniffing out user names of non-authors by using canonical redirects. Props Verónica Valeros.
  • Media security fixes by Richard Lundeen of Microsoft, Jesse Ou of Microsoft, and Microsoft Vulnerability Research.
  • Improves file upload security on hosts with dangerous security settings.
  • Cleans up old WordPress import files if the import does not finish.
  • Introduce “clickjacking” protection in modern browsers on admin and login pages.