As we’ve expressed in the past, website maintenance is extremely important. WordPress has released a maintenance and security update 3.5.2 and all My Santa Fe Network websites have been updated and tested. If you experience any issues please report them to us. Below is a  list of items that have been addressed in this release.

• Blocking server-side request forgery attacks, which could potentially enable an attacker to gain access to a site.
• Disallow contributors from improperly publishing posts, reported by Konstantin Kovshenin, or reassigning the post’s authorship, reported by Luke Bryan.
• An update to the SWFUpload external library to fix cross-site scripting vulnerabilities. Reported by mala and Szymon Gruszecki. (Developers: More on SWFUpload here.)
• Prevention of a denial of service attack, affecting sites using password-protected posts.
• An update to an external TinyMCE library to fix a cross-site scripting vulnerability. Reported by Wan Ikram.
• Multiple fixes for cross-site scripting. Reported by Andrea Santese and Rodrigo.
• Avoid disclosing a full file path when a upload fails. Reported by Jakub Galczyk.