更新到WordPress 4.1.2

提醒:本文最后更新于 3532 天前,文中所描述的信息可能已发生改变,请仔细核实。

看到标题,就可以知道这是水文。据说修补了安全漏洞,官方说明:

  • A serious critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.
  • Files with invalid or unsafe names could be upload.
  • Some plugins are vulnerable to an SQL injection attack.
  • A very limited cross-site scripting vulnerability could be used as part of a social engineering attack.
  • Four hardening changes, including better validation of post titles within the Dashboard.

如上所说,我觉得挺有必要更新的。

选择Wordpress的原因还是因为它频繁的更新,保证安全和不与时代脱节。

不过又想到个问题,纯静态的话,貌似就不会太大的漏洞。不过评论要第三方,或自己动态化。。。麻烦。还是不要想太多了。

找时间,想把PHP更新到5.6先。

转载请注明转自:kn007的个人博客的《更新到WordPress 4.1.2