Wordpress users, don't panic, but stop what you're doing rigth now and go update your Wordpress installation.
Wordpress announced that its new version 3.5.2 is now available and offers fixes for 12 bugs. This is the second maintenace release of version 3.5. Wordpress is "strongly" encouraging users to update their sites and to do so immediately - so, what are you waiting for! Get to it!
This release actually resolved seven security issues and contains several additional security fixes worthy nof note, including:
- blocking server-side request forgery attacks
- disallowing contributors from improperly publishing posts (or reassigning posts authorship)
- updated the SWFUpload external library to fix cross-site scripting vulneratbitlites
- preventing a denial of service attac affective siets usign password-protected posts
- updated an external TinyMCE library to fix another cross-site scripting vulnerability