WordPress 2.3.3. an 'urgent security release'

WordPress 2.3.3. an 'urgent security release'

Summary: WordPress has released version 2.3.3 to plug a flaw that would allow a specially crafted request to edit posts of other users on that blog.

SHARE:
TOPICS: Browser, Security
1

WordPress has released version 2.3.3 to plug a flaw that would allow a specially crafted request to edit posts of other users on that blog.

In a post, WordPress noted that 2.3.3 is "an urgent security release." You can fix the flaw without downloading the new version. WordPress says the following:

If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php.

In addition, WordPress detailed vulnerability in the WP-Forum plugin that is being exploited. WordPress advises that folks remove this plugin until a fix emerges.

This update is a bit of inside baseball, but given that WordPress powers a lot of blog platforms, including ZDNet's, it is worth a mention.

Topics: Browser, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion