Comments on: WordPress 2.8.6 released http://jaredatchison.com/2009/11/wordpress-2-8-6-released/ web design, development, wordpress, and lulz Fri, 04 Jun 2010 18:58:25 +0000 hourly 1 http://wordpress.org/?v=3.1-alpha By: Jared http://jaredatchison.com/2009/11/wordpress-2-8-6-released/comment-page-1/#comment-98 Jared Fri, 13 Nov 2009 16:08:23 +0000 http://jaredatchison.com/?p=114#comment-98 @Harash - Yeah this update was spur of the moment. It fixes and XSS vulnerability for authors. So there are two ways this could be used. 1 - One of your Authors deliberately uses the exploit 2 - One of your authors (including you) gets phished, clicks a link, and then the XSS code runs. It's definitely not a high priority update if you are the only user on the blog. @Harash – Yeah this update was spur of the moment.

It fixes and XSS vulnerability for authors.

So there are two ways this could be used.
1 – One of your Authors deliberately uses the exploit
2 – One of your authors (including you) gets phished, clicks a link, and then the XSS code runs.

It’s definitely not a high priority update if you are the only user on the blog.

]]> By: Harsh Agrawal http://jaredatchison.com/2009/11/wordpress-2-8-6-released/comment-page-1/#comment-96 Harsh Agrawal Fri, 13 Nov 2009 02:06:50 +0000 http://jaredatchison.com/?p=114#comment-96 This update was really unexpected.. though this update seems to be only for those who have multi author blogs or is it for every one? This update was really unexpected.. though this update seems to be only for those
who have multi author blogs or is it for every one?

]]>