提醒:本文最后更新于 3304 天前,文中所描述的信息可能已发生改变,请仔细核实。
看到标题,就可以知道这是水文。据说修补了安全漏洞,官方说明:
- A serious critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.
- Files with invalid or unsafe names could be upload.
- Some plugins are vulnerable to an SQL injection attack.
- A very limited cross-site scripting vulnerability could be used as part of a social engineering attack.
- Four hardening changes, including better validation of post titles within the Dashboard.
如上所说,我觉得挺有必要更新的。
选择Wordpress的原因还是因为它频繁的更新,保证安全和不与时代脱节。
不过又想到个问题,纯静态的话,貌似就不会太大的漏洞。不过评论要第三方,或自己动态化。。。麻烦。还是不要想太多了。
找时间,想把PHP更新到5.6先。
转载请注明转自:kn007的个人博客的《更新到WordPress 4.1.2》