Note № 8 20 Jul 2009 1 min read

Wordpress 2.8.2 released

Wordpress 2.8.2 fixes a nasty Cross Site Scripting vulnerability in comments.

From the archive Originally published at planetmediocrity.com

WordPress 2.8.2 has been released. It fixes an XSS vulnerability where commenter's URLs were not properly sanitized before being displayed to the Admin in the moderation queue. This could be exploited to redirect you away from the current site to a malicious page.

WordPress recommend you upgrade.