The WordPress developers have released security update 2.8.6 to fix two vulnerabilities. At least one of the bugs allows attackers to inject and execute arbitrary PHP code on the server. There appears to be issues, however, with Apache web servers in the new update. WordPress users are advised to install the update as soon as possible if untrusted authors can add content and upload images. Read the full article in The H Security, published by The Huffington Post, on Monday, at 10pm GMT.
Source: https://threatpost.com/new-wordpress-update-thwarts-malware-111309/73098/