WordPress 4.6.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.6 and earlier are affected by two security issues:
- a cross-site scripting vulnerability via image filename.
- a path traversal vulnerability in the upgrade package upload.
In addition to the security issues above, WordPress 4.6.1 fixes 15 bugs from 4.6.
Download WordPress 4.6.1 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.6.1.
Security, WordPress
Tired of Slow and Unsecure Hosting?
Experience Blazing Speed and Unrivaled Security with Our Hosting Plans!