Secara resmi tim development WordPress mengumumkan ketersediaan versi 3.4.1 dari WordPress. Silakan update seluruh blog anda yang menggunakan WordPress.
Update minor kali ini memberikan sejumlah perbaikan dan penambahan fitur seperti:
- Fixes an issue where a theme’s page templates were sometimes not detected.
- Addresses problems with some category permalink structures.
- Better handling for plugins or themes loading JavaScript incorrectly.
- Adds early support for uploading images on iOS 6 devices.
- Allows for a technique commonly used by plugins to detect a network-wide activation.
- Better compatibility with servers running certain versions of PHP (5.2.4, 5.4) or with uncommon setups (safe mode, open_basedir), which had caused warnings or in some cases prevented emails from being sent.
dan yang paling penting, versi ini juga menangani sejumlah permasalahan keamanan seperti:
- Privilege Escalation/XSS. Critical. Administrators and editors in multisite were accidentally allowed to use unfiltered_html for 3.4.0.
- CSRF. Additional CSRF protection in the customizer.
- Information Disclosure: Disclosure of post contents to authors and contributors (such as private or draft posts).
- Hardening: Deprecate wp_explain_nonce(), which could reveal unnecessary information.
- Hardening: Require a child theme to be activated with its intended parent only.
Link Download (via WordPress.org)
Download WordPress 3.4.1