cross site scripting

Yesterday WordPress released version 4.1.1, primarily to address two serious vulnerabilities and a total of 52 fixes were included.  The cross-site scripting vulnerability first reported on Jan. 6 was fixed. If you haven’t updated, we’d recommend doing that today (WP Minder clients, you’re already taken care of).