Apr 6, 2011 09:23 GMT

The WordPress development team has released version 3.1.1 of the blog publishing platform in order to address multiple stability and security issues.

In total, the new WordPress 3.1.1 fixes almost thirty bugs, including three vulnerabilities discovered by core developers Jon Cave and Peter Westwood.

One flaw was located in the media uploader component and allowed bypassing the cross-site request forgery (CSRF) protection. It was resolved by adding some nonce checks to the code.

This type of vulnerability allows attackers to hijack the sessions of authenticated users by forcing their browsers to perform unauthorized actions when they visit a maliciously crafted web page.

Such an attack abuses the inherent trust between websites and browsers and is prevented by associating unique, unpredictable codes (nonces) with requests.
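The nonce mechanism described above, shown as an added example in WordPress's own plugin API (this is illustrative code, not WordPress core and not the 3.1.1 media uploader patch; the hook name, action string, option name and form field names are assumptions chosen for the example):

```php
<?php
// Added example of WordPress nonce-based CSRF protection. Not WordPress core
// code. The action string 'example_upload_note', the field '_example_nonce',
// the option 'example_note' and the form itself are assumed for illustration.

// Render the form. wp_nonce_field() prints a hidden <input> carrying a token
// bound to the current user, the session and the action string, so a page on
// another site cannot know its value when it tries to submit this form.
function example_render_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_upload_note">
        <?php wp_nonce_field( 'example_upload_note', '_example_nonce' ); ?>
        <input type="text" name="note">
        <input type="submit" value="Save">
    </form>
    <?php
}

// Unprotected handler, the shape of the flaw the article describes: it checks
// that the user is logged in and has the capability, but nothing proves the
// request originated from the form WordPress rendered. Any page the logged-in
// user visits could auto-submit an identical POST and it would be honoured.
function example_handle_unprotected() {
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_die( 'Not allowed' );
    }
    $note = isset( $_POST['note'] ) ? sanitize_text_field( $_POST['note'] ) : '';
    update_option( 'example_note', $note );
}

// Protected handler: check_admin_referer() runs wp_verify_nonce() on the
// named field and stops with an "Are you sure?" error page when the nonce is
// missing, expired, or was issued for another user or action. The capability
// check stays in place: a nonce proves intent, not authorisation.
function example_handle_protected() {
    check_admin_referer( 'example_upload_note', '_example_nonce' );
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_die( 'Not allowed' );
    }
    $note = isset( $_POST['note'] ) ? sanitize_text_field( $_POST['note'] ) : '';
    update_option( 'example_note', $note );
}

// Only the protected handler is wired up; the unprotected one is kept for
// comparison. admin-post.php dispatches to admin_post_{action} for the
// 'action' value carried in the form.
add_action( 'admin_post_example_upload_note', 'example_handle_protected' );
```

The nonce is only useful if the server actually verifies it before the state change, which is why the check is the first statement of the protected handler. Nonces in WordPress are also time-limited (they rotate on a 12-hour tick and expire after 24 hours), so a captured value has a short useful life even if it leaks.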

The second vulnerability was a minor cross-site scripting (XSS) issue located on the database upgrade screens.

This type of flaw results from insufficient input validation and, in the worst case, can be used to serve pages with rogue code inserted into them.
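To illustrate the difference between the flawed and the safe pattern, here is an added example (not WordPress core code and not the actual 3.1.1 fix) that renders a request-supplied value into an HTML page both ways; the function names and the $message and $link inputs are assumptions constructed for the example:

```php
<?php
// Added example of reflected XSS and context-aware output escaping in PHP /
// WordPress. Not core code. $message and $link are assumed to arrive from the
// request, e.g. as parameters echoed back on a status or upgrade screen.

// Vulnerable: values are concatenated into the page unchanged, so any markup
// they carry (a <script> element, an event-handler attribute, a javascript:
// URL) is interpreted by the browser as part of the page.
function render_status_unescaped( $message, $link ) {
    return '<p class="status" title="' . $message . '">'
         . $message . ' <a href="' . $link . '">more</a></p>';
}

// Hardened: each value is escaped for the context it lands in.
//   esc_html() for element content,
//   esc_attr() for attribute values,
//   esc_url()  for href values (it returns '' for javascript: and any other
//              scheme outside wp_allowed_protocols()).
function render_status_escaped( $message, $link ) {
    return '<p class="status" title="' . esc_attr( $message ) . '">'
         . esc_html( $message ) . ' <a href="' . esc_url( $link ) . '">more</a></p>';
}

// Constructed inputs: a message carrying markup and a script-scheme URL.
$message = 'Upgrade finished <script>alert(1)</script>';
$link    = 'javascript:alert(1)';

echo render_status_escaped( $message, $link );
```

With the hardened version, the angle brackets in $message come out as HTML entities and are displayed as literal text rather than parsed, and the javascript: link is replaced by an empty href. The point of using three different escaping functions is that the rules differ per context: a value that is safe inside element text is not necessarily safe inside an attribute or a URL.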

Both the CSRF and XSS vulnerabilities were discovered and reported by Jon Cave, who is also a member of the WordPress security team.

The vulnerability identified by Peter Westwood concerns the handling of certain links and can lead to a denial of service condition where the PHP process crashes. It can be exploited by inserting malformed links into comments.

In addition to these security patches, the update also contains 26 bug fixes dealing with IIS6 support, taxonomy and PATHINFO permalinks, as well as various plugin compatibility problems. Many performance improvements are also included.

Users are strongly advised to upgrade to WordPress 3.1.1. This can be done from the Dashboard > Updates menu, and since this is only a minor update it should not normally cause any problems.

WordPress 3.1.1 can also be downloaded from here and installed manually.