Apparently there is a security hole in WordPress that allows hackers into your hosting account. To secure everything, you need to update to the latest version 2.8.6 of WordPress immediately:

Here is a video from Youtube with a quick explanation followed by the WordPress statement:

“WordPress 2.8.6 Security Release

Posted November 12, 2009 by Ryan Boren. Filed under Releases, Security.

2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges.  If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.

The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch.  The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations. Thanks to Benjamin and Dawid for finding and reporting these.”

Why not do it now! And don’t forget to backup first.

See my previous post –

Tagged with:

Filed under: GeneralTips

Like this post? Subscribe to my RSS feed and get loads more!