By Thilak February 6, 2008

[Update] WordPress 2.3.3

It’s time for another update. WordPress 2.3.3 security update has been released. It fixes a new flaw which allows a user to edit posts of other users on that blog. This update is a must-have for blogs which accept registrations.

The super quick way to fix this flaw is to download an updated xmlrpc.php and replace the existing one. Alternatively, you can also get the entire release and update your copy of WordPress using the standard download, unzip, upload and replace approach.

They also talk about the vulnerability found in WP-Forum plugin. The vulnerability when effectively exploited, it enables malicious users to retrieve usernames, passwords, posts and their email address. This flaw is related to WP-Forum plugin, and not WordPress itself. Even the latest version of the plugin includes this flaw, so it’s advisable to disable the plugin until a newer version of the plugin is available.

 

Related Posts that you may like:

Discussion

Comments for “[Update] WordPress 2.3.3”

  • I've only ever used Blogger. Although I find it very user friendly, it certainly doesn't look as good as many of the WordPress blogs I see.

    How easy is WordPress to use in comparison?
  • Thilak, is this (xmlrpc.php) the only file updated in this release ??
  • Oh, I have just updated my blog with 2.3.3. http://abhisays.com/wordpress/upgrade-your-blog... Now they have launched a new version. Once again I will have to update. But I believe wordpress should come with some hack proof version as all their releases in past are vulnerable to hacking.
  • Thanks Thilak for the headsup, wordpress is pretty vulnerable to hacking attacks, my blog recently got hacked, everybody on wordpress must upgrade asap.
  • Nathaniel: WordPress stores all posts, comments and all other data in a database. Upgrading WordPress won't do any harm to your database. Have a backup of your database, just as a precaution
blog comments powered by Disqus

Welcome to TechBuzz

TechBuzz is a technology blog read by 3000+ readers every day. We regularly write about new trends in technology, useful computer application and new web services. If you are new here, please subscribe our feed or opt for email updates to get new articles to your inbox.

Free Daily Updates

You can get fresh daily articles delivered straight to your feed reader or email inbox. Please subscribe to our RSS feed or opt for our free newsletter

Recent Posts

Google’s Chrome Tablet Concept Revealed
Google’s Chrome Tablet Concept Revealed
February 3, 2010
By Thilak
Ixquick. Ixquick allows users to surf the web with complete privacy. It let’s users surf the world wide web safely without revealing any personally identifiable or private information to the websites being viewed.

Ixquick is a free service which provides complete anonymity to the user enabling the user to surf the internet anonymously and safely. They claim it to be world’s most private search engine.

Surf The Internet Anonymously With Ixquick!

Surf The Internet Anonymously With Ixquick!
January 28, 2010
By Meghan
Apple iPad Unveiled
Apple iPad Unveiled
January 28, 2010
By Meghan
Happy New Year!
Happy New Year!
January 1, 2010
By Meghan
WordPress Version 2.9 Is Out!
WordPress Version 2.9 Is Out!
December 19, 2009
By Meghan