We’ve just made our WordPress Security upgrade to WordPress 3.1.3. Here is the excerpt of changes as mentioned in WordPress blog.
WordPress 3.1.3 is available now and is a security update for all previous versions. It contains the following security fixes and enhancements:
- Various security hardening by Alexander Concha.
- Taxonomy query hardening by John Lamansky.
- Prevent sniffing out user names of non-authors by using canonical redirects. Props Verónica Valeros.
- Media security fixes by Richard Lundeen of Microsoft, Jesse Ou of Microsoft, and Microsoft Vulnerability Research.
- Improves file upload security on hosts with dangerous security settings.
- Cleans up old WordPress import files if the import does not finish.
- Introduce “clickjacking†protection in modern browsers on admin and login pages.
I just hope that everything will be fine. Let me know for any bugs that you could see after our upgrade.