I just upgraded today; WordPress 2.3.2 fixes a nasty vulnerability. I haven’t done any testing yet, but according to “blackhat domainer” you can view a WordPress draft entry via simple URL parameters without logging in (unauthorized view).
The WordPress developers had to release these security fixes before the upcoming 2.4. You could either wait for 2.4 (the milestone is almost ready?) or upgrade immediately. But it's better to upgrade before others exploit this vulnerability. Peter Westwood sums up all the recent WordPress 2.3.2 changes and updates in detail. Read it first before you decide to upgrade.
- December 30, 2007 at 11:36 am
- December 30, 2007 at 11:50 am
2 Responses to “Upgrade Wordpress 2.3.2”
Disclaimer: For any content that you post, you hereby grant to Kakkoi the royalty-free, irrevocable, perpetual, exclusive and fully sublicensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, perform and display such content in whole or in part, world-wide and to incorporate it in other works, in any form, media or technology now known or later developed. Some rights reserved.
Version 2.4 isn't scheduled until late January (and these things rarely come out until after the due date), so it's best to upgrade and not give crackers a month to exploit the bug. I always use XML-RPC to post entries personally, but not exposing draft posts to unauthorized users is probably a must for most WordPress users.
Oh yeah, and about your disclaimer at the bottom of the page, don't I just feel special :)
Thanks Keith, yes I agree. Security issues should be patched immediately.
Anyway, it seems like there will be no WordPress 2.4, as it was scheduled to be released in December 2007. The roadmap is now changed to 2.5.
P/S: The notice is bundled with this theme; I don't know how to hide it yet.