Page 1 of 11
wordpress 2.8.x Tag's Archives
WordPress 2.8.4 Security Patch is out now!
Posted by Muhammad Furqan Abid in Release on August 12, 2009
Another heads up for all WordPress users. The WordPress dev team just released another security update WordPress 2.8.4 to fix a vulnerability discovered yesterday.
Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.
I strongly advice to upgrade your WordPress ASAP. Doing the upgrade will only take a few minutes of your time and in case you’re still new to WordPress and are not familiar with the process, the WordPress Codex has a dedicated page that contains a detailed process on how to upgrade WordPress.
WordPress 2.8.3 security updates is out!
Posted by Muhammad Furqan Abid in Release, Security on August 04, 2009
Wordpress release its new version 2.8.3 with some major security updates.
According to Ryan Boren,
Unfortunately, I missed some places when fixing the privilege escalation issues for 2.8.1. Luckily, the entire WordPress community has our backs. Several folks in the community dug deeper and discovered areas that were overlooked. With their help, the remaining issues are fixed in 2.8.3. Since this is a security release, upgrading is highly recommended.
Download 2.8.3, or upgrade automatically from your admin.
  |
