Wordpress 3.5.1 is now available for download.What’s new in this release?
Editor: Prevent certain HTML elements from being unexpectedly removed or modified in rare cases.
Media: Fix a collection of minor workflow and compatibility issues in the new media manager.
Networks: Suggest proper rewrite rules when creating a new network.
Prevent scheduled posts from being stripped of certain HTML, such as video embeds, when they are published.
Suppress some warnings that could occur when a plugin misused the database or user APIs.
A server-side request forgery vulnerability and remote port scanning using pingbacks. This vulnerability, which could potentially be used to expose information and compromise a site, affects all previous WordPress versions.
Two instances of cross-site scripting via shortcodes and post content.
A cross-site scripting vulnerability in the external library Plupload.