WordPress 2.6.3 Security Patch Released


đź“Ś MemberPress: advanced WordPress plugin for subscriptions & membership sites

The good folks at WordPress have just released a new security patch for WordPress platform (WP 2.6.3). Here is the deal:

A vulnerability in the Snoopy library was announced today. WordPress uses Snoopy to fetch the feeds shown in the Dashboard. Although this seems to be a low risk vulnerability for WordPress users, we wanted to get an update out immediately.

For those of you who are a bit more technical:

This can be exploited to inject arbitrary shell commands via a script calling the “fetch()” or “submit()” function with an URL controlled by the attacker.

This is a highly critical security item, so you should download yours as soon as possible.

More WordPress reading: