Urgent Security Upgrade : WordPress 2.3.3 Released

Another security upgrade is out for WordPress. This one is fairly urgent, as it allows other members of your blog to “hijack” posts not written by them.


From WordPress Development Blog.

WordPress 2.3.3 is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.

Please upgrade to the latest version as soon as possible.