Jesse Ou

**Name of the Vulnerable Software and Affected Versions** WordPress versions 3.1 through 3.1.2 WordPress versions 3.2 before Beta 2 **Description** The issue is related to "Various security hardening" and has an unknown impact and attack vectors. **Recommendations** For WordPress versions 3.1 through 3.1.2, update to version 3.1.3 or later. For WordPress versions 3.2 before Beta 2, update to Beta 2 or later.

**Name of the Vulnerable Software and Affected Versions** WordPress versions 3.1 through 3.1.2 WordPress versions 3.2 before Beta 2 **Description** The issue allows remote attackers to determine usernames of non-authors via canonical redirects. **Recommendations** For WordPress versions 3.1 through 3.1.2, update to version 3.1.3 or later. For WordPress versions 3.2 before Beta 2, update to Beta 2 or later.

**Name of the Vulnerable Software and Affected Versions** WordPress versions 3.1 through 3.1.2 WordPress versions 3.2 before Beta 2 **Description** The issue allows remote attackers to conduct clickjacking attacks via a crafted web site, as it does not prevent rendering for admin or login pages inside a frame in a third-party HTML document. **Recommendations** For WordPress versions 3.1 through 3.1.2, update to version 3.1.3 or later. For WordPress versions 3.2 before Beta 2, update to Beta 2 or later.

**Name of the Vulnerable Software and Affected Versions** WordPress versions 3.1 through 3.1.2 WordPress versions 3.2 before Beta 2 **Description** The issue allows remote attackers to obtain sensitive data via vectors related to wp-includes/post.php, specifically by treating unattached attachments as published. **Recommendations** For WordPress versions 3.1 through 3.1.2, update to version 3.1.3 or later. For WordPress versions 3.2 before Beta 2, update to Beta 2 or later.

**Name of the Vulnerable Software and Affected Versions** WordPress versions 3.1 through 3.1.2 WordPress versions 3.2 before Beta 2 **Description** The file upload functionality has unknown impact and attack vectors, possibly related to dangerous filenames, when running on hosts with dangerous security settings. **Recommendations** For WordPress versions 3.1 through 3.1.2, update to version 3.1.3 or later. For WordPress versions 3.2 before Beta 2, update to Beta 2 or later.

**Name of the Vulnerable Software and Affected Versions** WordPress versions 3.1 through 3.1.2 WordPress versions 3.2 before Beta 2 **Description** The issue is related to "Taxonomy query hardening" and may involve SQL injection, although the exact impact and attack vectors are not specified. **Recommendations** For WordPress versions 3.1 through 3.1.2, update to version 3.1.3 or later. For WordPress versions 3.2 before Beta 2, update to Beta 2 or later.