WordPress 2.8.6 Security Release
“WordPress 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.” – no other specifications; what if you do not have untrusted authors, do you have to upgrade? – Which are the endangered WordPress [...]
Upgrade to WordPress 2.8.5
After several security threats were found on older versions of WordPress, it’s rather obvious that the newly released WordPress 2.8.5 is security focused. Security hardening is a major priority in WordPress 2.8.5. Don’t wait till WordPress 2.8.4 gets pounded, you better upgrade right now. So what are the worth noting improvements in WordPress 2.8.5?
WordPress 2.9 to get a basic Image Editor
It seems WordPress is now ready for a basic image editor. This new feature will be in-built in WordPress 2.9 and won’t require a plug-in. Its certain, you can see it from the screenshots you’ll be able to re-size and rotate images, crop and scale them and so on. I certainly don’t expect layers, it’s [...]
Upgrade to Keep WordPress Secure
Here is Matt Mullenweg, the guy behind WordPress. He is here to explain to all how to keep WordPress secure. Right now there is a worm making its way around old, unpatched versions of WordPress. This particular worm, like many before it, is clever: it registers a user, uses a security bug (fixed earlier in [...]
WordPress Security Threat: Old Versions Under Attack
There are reports that older versions of WordPress -- now at version 2.8.4, are exposed to security threats. Two clues provided by Lorelle on WordPress blog that your non-up-to-date WordPress blog is under attack; 1) Strange additions to permalinks, such as 1example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/ The keywords are “eval” and “base64_decode.”
WordPress 2.8.4 Security Release Available
WordPress 2.8.4 is an important update given that it fixes a security bug. The bug can be exploited by hackers this way: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a [...]
An Unexpected WordPress 2.8.2 Security Patch
An unexpected upgrade of the WordPress blogging platform has been released. WordPress 2.8.1 was released roughly two weeks ago, and nobody expected WordPress 2.8.2 to come out so soon. The upgrade or security patch fixes an XSS vulnerability. The upgrade note says the vulnerability could be exploited this way: “Comment author URLs were not fully [...]
WordPress 2.8 Baker Released
WordPress 2.8 code-named Baker is now available for download. This full release comes with a bunch of bug fixes – – over 790 bugs, widgets, taxonomies, improvements to themes and overall speed. The upgrade bar at the top of the WordPress Dashboard that says “Word 2.8 is available! Please update now” is not yet available, [...]
