WordPress has had a heck of a time trying to stay ahead of evil hackers following the summer of exploits.
Unfortunately, several of our clients had been among those affected, but everyone got back up and running with an upgrade and some deep cleaning.
According to WP:
The headline changes in this release are:
- A fix for the Trackback Denial-of-Service attack that is currently being seen.
- Removal of areas within the code where php code in variables was evaluated.
- Switched the file upload functionality to be whitelisted for all users including Admins.
- Retiring of the two importers of Tag data from old plugins.
We would recommend that all sites are upgraded to this new version of WordPress to ensure that you have the best available protection.
Also, if your blog has been hit, they also suggested installing the WordPress Exploit Scanner plugin to help you remove any traces of hack. It’s actually a great tool.
ContentRobot is recommending that you also upgrade to this release – please don’t blindly hit that button and back up everything first!