Another week, another security patch for WordPress. WordPress 2.8.6 is out, and if you have registered users on your website, you should take time to update. Here is how the folks behind WordPress explained the latest update:
2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.
Even if you don’t have registered users, you still want to upgrade just to be on the safe side. Make sure you do it as soon as possible to avoid becoming a victim.