Posts Tagged ‘security’
How to keep WordPress secure
Matt Mullenweg talks about the need to keep up-to-date with upgrades to guard against security threats:
http://wordpress.org/development/2009/09/keep-wordpress-secure/
Matt discusses a new worm which exploits a vulnerability in older versions of WordPress. The attack creates an admin user and executes code through the “permalinks” functions. The current version of WordPress, 2.8.4, is not vulnerable to this attack.
Keeping updates current is one of the best ways to guard against hacks. If you haven’t upgraded yet, don’t put it off any longer.
Tags: Matt Mullenweg, security, upgrade, WordPress, worms
Security advisory for WordPress and other PHP sites
Web site owners using the WordPress system should upgrade to version 2.6.2 immediately. This important security release adds protection against a SQL Column Truncation hazard and other security issues.
The security risk affects all PHP applications, WordPress included. Particularly vulnerable are those websites allowing open registration. More details about this issue at http://wordpress.org/development/2008/09/wordpress-262/