Posted on 22 July, 2009 By 11 Comments

WordPress 2.8.2 Released – Say What? A Security Release

 

Police - 1978 (by AndyWilson)

Oh look. A birthday gift from the WordPress folks to me.

WordPress 2.8.2 was released on July 20th and is a security fix

I didn’t notice this until tonight because I’ve been out of the loop, ignoring the news, and freaking out. I tried to take a day off, tried to celebrate another journey around the sun, and tried to deal with an extremely sick kid with a Foreigner (the band) style fever.

So, apparently there is a XSS vulnerability. I know, I know – the XSS stuff really gets to me too ;-)

But this is a bad bugaboo. The URL left by a commentator can be exploited to redirect you away from the WordPress admin to some nefarious, evil other site.

I shouldn’t joke – this is serious. If you are already running 2.8 or 2.8.1, upgrade as soon as possible. (Make backups first). If you are still running the WordPress 2.7 series, you may want to sit tight for a couple of days to see it 2.8.3 makes an appearance.

Enjoy! Oh – and remember my guide to upgrading WordPress manually is still a valuable resource. A self-processed upgrade “newbie” said he used it successfully for his first ever manual upgrade.

photo credit: AndyWilson




Keep Reading:
Posted In : WordPress Tips

Did you enjoy this article? I can assist you with your WordPress or Facebook project. Contact me and I will provide you with an estimate. You can also connect with me on Facebook or follow me on Twitter. If you are looking for Hosting, WordPress Theme, Newsletter or other recommendations, please view my detailed list.




11 Responses to “WordPress 2.8.2 Released – Say What? A Security Release”

Leave a Comment
You may use: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> .

CommentLuv badge

About

Kim Woodbridge is an accomplished Information and Technical Consultant specializing in the entire implementation of a WordPress based website including installation, theme design, upgrades, unique customizations and ongoing site maintenance.

Recent Comments

    • Property Marbella: Hi Kim, Good article with several good tips, my friend up in Sweden has clothing stores and online sales with little tr...
    • Kim Woodbridge: This post was written 2.5 years ago. At that time people wanted detailed instructions and asked me to write it. And wh...
    • Kim Woodbridge: Pretty much all themes have a page.php file. Are you using a child theme? If so, you will want to look for the page.ph...
    • Mitch: That's why the internet has evolved into a worthless piece of "junk yard". Everybody is repeating the same thing over an...
    • Meredith: This is very straightforward info, and I think it will help, but I have one question. What if I don't have a page.php fi...

Wordpress Services

  • Installation, upgrades and maintenance
  • Conversion of existing html and css templates
  • Theme and plugin recommendations
  • CSS customizations
  • Troubleshooting and tweaks for unique situations
  • Customization for individual blogging goals and needs
  • Training and advice