Blog upgrade to 2.3.3
12 hours before the WordPress development team launched a security patch version of WordPress 2.3.3. If you have it on your blog user registration feature is enabled, then, but also very concerned about the safety of your blog, please update the version upgrade. Of course, if you only care about security, you only need to download and cover your xmlrpc.php file.
The following is the official website of the new version of the explanation:
It is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.
2.3.3 version of the main amendments to the security vulnerabilities are:
- Some special XML-RPC request may be registered in the opening of blog users modify other users online articles.
- Other small security vulnerabilities.
Others did not amend the version of the request for the Bo main attention is:
- WP-Forum plugin plug-ins contain security vulnerabilities. If you are using the plug-in and security concerns, please temporarily disable the plug-ins to know the introduction of new security patches.
- Goodwill remind Bo master password勤换, particularly in the post-opening of the new plug-ins.
The latest comments