Today we have got great news from wordpress team with their latest update on the wordpress source. They claim that its a very critical blog update and its important to fix a core security bug in the HTML Sanitation library called the KSES. The wordpress team has rated this update as a “Critical update” hence make sure you have the update.
The update is readily available through the dashboard update or it could be downloaded from here.
If you are a security researcher, wordpress would appreciate you taking a look over this changeset as well to review their update. They have thanked Mauro Gentile and Jon Cave (duck_) who discovered and alerted us to these XSS vulnerabilities first.
Make sure you have this update on your wordpress blog for a SECURE and happy holiday season.
Source: WordPress News