Debian Linux Security Advisory 3250-1 – Multiple security issues have been discovered in WordPress, a weblog manager, that could allow remote attackers to upload files with invalid or unsafe names, mount social engineering attacks or compromise a site via cross-site scripting, and inject SQL commands.