WordPress 4.6.1

A new version of WordPress (4.6.1) was released recently to address an important security flaw. WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename, reported by SumOfPwn researcher Cengiz Han Sahin; and a path traversal vulnerability in the upgrade package uploader, reported by Dominik Schilling from…

Read the rest of this article…