WordPress 2.6.5 has just been released and has been labeled as a recommended upgrade. This release fixes a security issue and three other small bugs.
The following are the fixes in detail:
- Added a check for the correct post_type to blogger.editPost and blogger.deletePost.
- Updates to update_post_meta() and delete_post_meta() to ensure they work correctly with post revisions and don’t create the meta on the revision instead of the post.
- Protection for a very difficult to exploit XSS issue.
- Fix for an XSS issue with the Atom and RSS feeds on some hosting setups.
You may have noticed that version 2.6.4 has been skipped, due to a fake 2.6.4 release that had gone around the blogosphere.
On a side note, I personally won’t be upgrading anymore of my sites until 2.7 is released. I want 2.7, and I want it now!