High Risk WordPress vulnerability

WordPress pushed out version 3.5.1 of its open source blogging platform yesterday, fixing 37 bugs including several cross-site scripting (XSS) errors and a vulnerability that could have allowed an attacker to expose information and compromise an unpatched site.

Until yesterday, the aforementioned vulnerability, discovered by security researchers Gennady Kovshenin and Ryan Dewhurst, affected all versions of the platform. This particular problem could be exploited with a server-side request forgery (SSRF) attack and remote port scanning using pingbacks. Essentially, if left unpatched, an attacker could have forced a server into sending packets of information from the attacker to another server, even if it was behind a firewall.

The update also fixes the following XSS errors:
Two instances of cross-site scripting via shortcodes and post content.
A XSS vulnerability in the external library Plupload.

Due to the nature of this release, it’s advised that anyone running WordPress have their WordPress installations updated.

Further information can be found here:
http://wordpress.org/news/2013/01/wordpress-3-5-1/
http://core.trac.wordpress.org/query?milestone=3.5.1
http://threatpost.com/en_us/blogs/wordpress-fixes-37-bugs-latest-update-012513