As part of the automatic upgrade WordPress places a file named .maintenance in the blog base folder (folder that contains the wp-admin folder). If that file exists, then visto…
今天WordPress更新到2.8.6,更新日志如下:
Fixed an XSS vulnerability in Press This (修正了press-this.php的XSS漏洞)
Fixed issue with sanitizing uploaded file names that can be exploited in…
■Fix for trackback DOS
■Removal of permalink_structure eval
■Remove some create_function() calls
■Disallow unfiltered uploads by default, even for admins. Enable it again w…
今天升级2.8.4完了居然发现roov.org访问不了了,首页两行英文:
Warning: require(wp-blog-header.php) [function.require]: failed to open stream: No such file or directory in e:\www\web\roov.org\wwwroot\i…
今晚回来发现2.8.4开始通过后台推送了,到各个友链去看了看,基本上都是这条消息作为头条。
下面是官方的更新说明:
Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to…