WordPress 2.3.3 is an urgent security release update

I got wind of this directly from a Blog Update from WPThemesPlugin, before any official notification, which I should be signed up for. Nice work WPTP.

Personally, I still have not made the update to 2.3.2; I am still at 2.3.1. So based on this, I am not sure if this security fix is just applicable to 2.3.2 or all prior versions. I assume it’s just related to the 2.3.2 release before Christmas.

So at this point I am unsure if it’s worth installing this update right now or what. Will give it a few days and see what happens on the grapevine.

The following Article is word for word from the official WordPress Blog post made this morning:

WordPress 2.3.3 is an urgent security release. A flaw was found in our XML-RPC implementation such that a specially crafted request would allow any valid user to edit posts of any other user on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.

Also, there is a vulnerability in the WP-Forum plugin that is being actively exploited right now. If you are using this plugin, please remove it until an update is available.

Since we are talking security, remember to use strong passwords and change them regularly. While you’re updating WP and your plugins, consider refreshing your passwords.


Written by: Graham Smith: The Logo Smith
1st Posted: 2008/02/05 & Post Updated: 2014/05/09
Filed In Categories: Blogging, Web Design
