Today , WP-DEV just release the newest version of their product , WordPress 2.3.3 ! WordPress 2.3.3 is an urgent security release since some vulnerabilities on XML-RPC have been exploited which allows any authenticated user to edit any post from any user . If you don’t want to replace your current release with the entire new version of WordPress , you could also download only the security-fix which is located here . It will simply replace your xmlrpc.php file . And the bug will be fixed!
To track the current WordPress Security Advisories , you could simply track it on Blogsecurity.net .
Upgrade your WordPress Now! is posted on February 5th, 2008 by admin. This post is filed under: Security, secInfo, featured, Security, Web Hacking, wordpress security .
Some people come to this post with this search term: computers internet blog, wordpress, php mail injection, invisible friendster tracker, xmlrpc dork:, private, credits, live book, movie net, download, account, friendster password tracker, xmlrpc.php dork, myspace profiles, myspace profiles wordpress, private myspace wordpress,
And here is the related entries of this post:
I always wait a few weeks to upgrade just in case.