WordPress declared yesterday that they have discharged WordPress 3.6.1, which is additionally a security discharge for all past WordPress variants. WordPress unequivocally urges all clients to refresh their locales promptly, as this will address the accompanying security concerns:
Square hazardous PHP unserialization that could happen in constrained circumstances and setups, which can prompt remote code execution.
Keep a client with an Author job, utilizing an uncommonly made demand, from having the capacity to make a post “composed by” another client.
Fix deficient info approval that could bring about diverting or driving a client to another site.
Download WordPress 3.6.1 or refresh now from the WordPress Dashboard.
Kindly observe the full WordPress declaration for subtleties.