Upgrading to WordPress 2.3.3 Now – It is Urgent!

Lanna — Fri, 08 Feb 2008 00:40:53 +0000

On February 5, 2008, an article from WordPress Development Blog said, “WordPress 2.3.3 is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. [...].” So here are the steps you need to follow if you are currently using WordPress 2.3.2 :

Download WordPress 2.3.3 here and unzip it.

Backup all your WordPress 2.3.2 files to your local computer.

Delete all your Wordpress 2.3.2 files from WordPress directory except wp-config.php file, wp-content folder, and .htaccess file on your server.

Upload WordPress 2.3.3 to the location where you just deleted WordPress 2.3.2 files.

Run http://www.youdomainname.com/wp-admin/install.php; make sure you change yourdomainname to be your own domain name.

That is all. Now WordPress 2.3.3 should be installed.

A few more things are worth mentioning here. First thing is that if you are currently using a vulnerability in the WP-Forum plug-in, make sure you remove it till further update is available from its author because this plug-in can be exploited to malicious user to retrieve usernames, password hashes, and email addresses for all users, including administrators. Therefore, the second thing you need to do is to use strong password instead and change it regularly.

Share and Enjoy:

Exploring The Internet » WordPress 2.3.3

Upgrading to WordPress 2.3.3 Now – It is Urgent!