WordPress 3.5.1 was released and you should upgrade as soon as you have the opportunity!
First of all, this is considered a maintenance version (or release) to version 3.5. This upgrade actually fixes 37 bugs that were discovered. According to WordPress.org, the major fixes include:
- Editor: Prevent certain HTML elements from being unexpectedly removed or modified in rare cases.
- Media: Fix a collection of minor workflow and compatibility issues in the new media manager.
- Networks: Suggest proper rewrite rules when creating a new network.
- Prevent scheduled posts from being stripped of certain HTML, such as video embeds, when they are published.
- Suppress some warnings that could occur when a plugin misused the database or user APIs.
This release also addresses some security concerns! This is the main reason why you want to upgrade to WordPress 3.5.1! The security issues addressed (as per WordPress.org) are (Warning! This gets a little techie):
- A server-side request forgery vulnerability and remote port scanning using pingbacks. This vulnerability, which could potentially be used to expose information and compromise a site, affects all previous WordPress versions. This was fixed by the WordPress security team. We’d like to thank security researchers Gennady Kovshenin and Ryan Dewhurst for reviewing our work.
- Two instances of cross-site scripting via shortcodes and post content. These issues were discovered by Jon Cave of the WordPress security team.
- A cross-site scripting vulnerability in the external library Plupload. Thanks to the Moxiecode team for working with us on this, and for releasing Plupload 1.5.5 to address this issue.
Bottom line is that anytime an update with a security fix is released, you probably want to have it!
Before you upgrade, make sure you take a back up of your system before changing anything! Back up your database, your files, your themes, your plugins, etc. Back it all up!
By the way, if you want some help with this, check out the WordPress Academy!