Home » Critical! » WordPress 2.2 Security Issue, patch it now

Fundamental Website Setup Links

WordPress 2.2 Security Issue, patch it now

WordPress 2.2 has a security issue that requires immediate patching by anyone using this version. There is not an official new download available from the wordpress.org site yet, but you can get information on how to fix the vulnerability on their support forum here: http://wordpress.org/support/topic/120857?replies=12.

It requires you to replace a file (xmlrpc.php) with a new version, details are in the thread linked to above. This vulnerability affects any WordPress 2.2 install that allows comments and allows users to register. (which is probably a large number of websites). The vulnerability will allow a hacker to get your admin password, so this is bad.

Go check now and fix this if you are using this version!

AWSOM Powered