Bala-Krishna

WordPress 2.3.3 version has been released today to fix security issues in XML-RPC implementation as well as vulnerability in the WP-Forum plugin. According to WP post, an special xml-rpc request can be made that allow one user to update post of another user. Here is full list of fixes in new version.

• Fixed flaw in XML-RPC implementation. you can update XML-RPC file without updating wordpress immediately. You just need to download updated xml-rpc file and overwrite new file in your existing installation.
• Discovered a vulnerability within this WP-Forum plugin that can be exploited by malicious users to conduct SQL injection attacks. WP recommend to remove this plug-in until new release.
• Fixed a function in wp-includes/gettext.php that fails to determine the correct byteorder on FreeBSD6.2-amd64.
• Fixed emails sent problem to certain addresses.
• Fixed issue with maybe_create_table function using a full path definition of the location of the wp-config.php file.

Upgrade with latest WordPress Release

February 5th, 2008 Bala Krishna Posted in Advertising, Blogging, Browser Stuff, Bug Fix, Business Talk, Crawler, Events, Tips and Tricks, Web Design, Web Development, Web Hosting, Web Technology, Word Press, Wordpress Plugin, Wordpress Theme, Wordpress Widget | No Comments »

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.