I have just noticed the link in my dashboard, informing me that a security update has been released for WordPress. See the WordPress dev blog post on this subject here. Basically, a security flaw was discovered, where IF you had registration enabled on your blog, members could theoretically hack in and edit other people’s posts. Although this doesn’t effect this blog, (anyone is welcome to leave a comment, but no one can register), I’ll be uploading the new xmlrpc.php to my 20 blogs tonight, and probably update them properly to 2.3.3 tomorrow morning. As ever, head on over to the official WordPress download page to grab the latest stable release. (If you are looking for nightly builds, I doubt you need me to go digging about for the URL, I imagine it is imprinted on your brain already 😉 )
Anyway, if you have any friends with WordPress powered blogs (that is those who host their own files, and download the software from wordpress.org, not those who use wordpress.com services), do them a favour and drop them a line to give them a heads up on this update.
Feb 06 2008
September 2nd, 2008 8:02 pm
Thanks for the informative post.. and thanks for adding our comment to the blog.
November 8th, 2008 9:58 pm
hey great site very nice post will visit again