Skip to Content

Free TUAW iPhone app -- try it now!
AOL Tech

Filed under: Security, Blogging

WordPress releases urgent security update

WordPress users might have noticed an upgrade notification in their Dashboard's today. This version, dubbed WordPress 2.3.3, has been released as an urgent security update.

The problem? Well for blogs with registration enabled, a hole in the XML-RPC implementation was found that could allow a user to edit the posts of other users on that blog.

The WordPress team has two update solutions. If you just want to update the xmlrpc.php file, you can download it here and import it directly to your main WordPress directory (overwriting the file that is in its place now). If you want the full 2.3.3 update, which includes a few minor bug fixes in addition to the XML-RPC exploit, download it here and follow the usual upgrade protocol.

Additionally, if you use the WP-Forum plugin, be aware that it is being actively exploited as a target for SQL injections. Please disable and delete the plugin until a fix is released.
jobs & resumes
Lead Blogger

AOL Find a Job - New York, NY (2 weeks ago)

See More Relevant Jobs ›

Reader Comments (Page 1 of 1)

Featured Time Waster

Graveyard Shift - zombie-busting Time Waster

With Halloween fast approaching, it's a great time to get in some practice defending your territory against zombies. In Graveyard Shift, you take aim at zombies and other creepy-crawlies, blasting them into splatters of cartoony green guts. It's a casual first-person shooter, and it's very easy to get the hang of - use the mouse to aim, click to fire. Graveyard Shift has at least 15 levels, and it might even have some secret stages I haven't unlocked yet. They key to getting good at Graveyard Shift is learning to use ...

View more Time Wasters

Featured Galleries

Defective by Design, London: Protest Pictures
Microsoft Security Essentials
Chromium Pre-Alpha on CrunchBang Linux
Safari 4 Beta
10 Firefox themes that don't suck
IE8 RC1
Download Squad at the Crunchies After-Party
Download Squad at the Crunchies
WordPress 2.7
Cooking Mama: Mama Kills Animals
Windows 7 Hands On
Comodo Internet Security
Android First-look: Amazon.com MP3 Store
Android First-look: Twitroid
Google Reader Android
Android Hands-On
Twine 1.0
Photoshop Express Beta
Mozilla Birthday Cake
Palm stuff
Adobe Lightroom 1.1

 


Follow us on Twitter!

Flickr Pool

www.flickr.com

More Tech Coverage

AOL Radio

Joystiq

TUAW

Daily Finance

Autoblog

Urlesque

Engadget

WoW

Switched.com

FanHouse