WordPress just released a critical upgrade, 2.3.3, and you should really update now. The flaw that was found is the solution to a burning question I’ve had for a few times lately: how the **** are people editing posts on one of my blogs. (More specifically, css3.info, which is being syndicated at w3.org, and has thus been under quite some attacks lately).
It’s an XML RPC call bug, from the post:
a specially crafted request would allow any valid user to edit posts of any other user on that blog
Right. So: upgrade! And if you’re sick of upgrading WordPress by copying files, read my post about installing and upgrading WordPress from Subversion. I just upgraded all my 20+ WordPress installations in less than 5 minutes.
I am kind of tired of updating wordpress every 30 days or so. But I guess that’s the price we pay for using such a popular system.
Going to check out your other post on upgrading.
@Drew well it’s a low price if you think what this software would otherwise be costing you…
Thanks for the critical information on WordPress 2.3.3. Updating blog now.
I’m holding out for the 2.4/5 update.
For me personally, there’s little point in updating right now…