Blog Archives


I got wind of this direct from a Blog Update from WPThemesPlugin before any official notification, that I should be signed up for. Nice work WPTP.

Personally, I still have not made the update to 2.3.2, I am still at 2.3.1. So based on this, I am not sure if this security fix is just applicable to 2.3.2 or all prior versions. I assume it's just related to the 2.3.2 release before Christmas.

So at this point I am unsure if it's worth installing this update right now or what. Will give it a few days and see what happens on the grapevine.

The following Article is word for word from the official WordPress Blog post made this morning:

WordPress 2.3.3 is an urgent security release. A flaw was found in our XML-RPC implementation such that a specially crafted request would allow any valid user to edit posts of any other user on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.

Also, there is a vulnerability in the WP-Forum plugin that is being actively exploited right now. If you are using this plugin, please remove it until an update is available.

Since we are talking security, remember to use strong passwords and change them regularly. While you’re updating WP and your plugins, consider refreshing your passwords.








 Previous Post:   Barcode yourself
 Next Post:   Apple’s New wireless ‘stumpy’ keyboard – Delete Key Fix





Posted By: The Logo Smith: Freelance Logo & Brand Identity Designer.

    


 Categories: Blogging,  Web Development

 Tags:

  More Posts by Category





Similar Posts:

How often do you hear the same ‘blogging’ message? I have recently witnessed (makes me seem so important!) some Blogs where people have left casual (or even sinister) comments saying that they have read a similar article elsewhere (they do say it’s a small world after all). Well, there’s news for me. Then going as far as accusing the writer of steal...
Issue with Top Commentator Plug-in for WordPress 2.3.1 Top Commentators: Really struggling to understand why these Top Commentator plug-in's don't seem to work as they should. The menu shows, but no reference is made to the comment authors. I have tried most of the various plug-in's available but they all seem to suffer from the same issue.The plug-...
The Junkies Series of Posterous Blogs – I Love Posterous What's it all about I love good recources, we all do. Yet there are so many to choose from, to remember to sift through it can be come quite overwhelming.I for one, use Delicious to bookmark the posts that I find particularly cool and useful and Stumble most others. But as much as I love Deli...
Twitter WMA Part 2 – Twitter and the Creative Logo Designer Read up on Twitter WMA Part 1 - (Weapon of Mass Addiction) if you missed it first time around.Follow me. follow you, you un-followed me now so I'll un-follow you! Sound familiar? Damn right it does. Way to familiar. All this tit-for-tat, or tat-for-tit depending on your perspective, glass hal...




Hire The Logo Smith - Freelance Logo Designer

Where Can I Hire a Logo Designer?




More Logo & Graphic Design Posts - Main Blog Index




This free font: Apple-Sans-Adjectives is certainly quite fun, and intriguing, but not so sure on the practical side of things

Apple-Sans-Adjectives was designed [email protected] & @Rich_Cahill, and they have kindly made this font available as a freed