WordPress has released WordPress 3.1.1 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to conduct cross-site request forgery attacks, conduct cross-site scripting attacks, or cause a denial-of-service condition.
US-CERT encourages users and administrators to review the WordPress article for the release of WordPress 3.1.1 and apply any necessary updates to help mitigate the risks.
This product is provided subject to this Notification and this Privacy & Use policy.