WordPress 2.8.5 is a security release that brings a number of security hardening changes: • fix for Trackback Denial-of-Service attack • removal of areas within code where php code in variables was evaluated • switched file upload functionality to be whitelisted for all users including Admins • retiring of two importers of Tag data from old plugins. Its recommended that all sites are upgraded to this version of WordPress to ensure that you’ve the best available protection.