WordPress 2.2.1 Released

WordPress 2.2.1WordPress 2.2.1 is now available. 2.2.1 is a bug fix release for the 2.2 series. Since 2.2 was released a month ago, the WordPress community has been improving fit-and-finish by identifying and fixing those little bugs that can be so annoying and by fine-tuning some small details. The result is a nicely polished 2.2.1 release.

Unfortunately, 2.2.1 is not just a bug fix release. Some security issues came to light during 2.2.1 development, making 2.2.1 a required upgrade. 2.2.1 addresses the following vulnerabilities:

  • Remote shell injection in PHPMailer
  • Remote SQL injection in XML-RPC Discovered by Alexander Concha.
  • Unescaped attribute in default theme

Read more (WordPress.org)…

Related Posts

  • No related posts.

This entry was posted on Thursday, June 21st, 2007 at 20:32 and is filed under Web News. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “WordPress 2.2.1 Released”

  1. Syaf The Geek Says:
    June 29th, 2007 at 3:25

    You might need to upgrade it because there are a lot of cases that Wordpress blog that use 2.2 version have been hacked.

  2. Gabriel Says:
    June 29th, 2007 at 17:00

    Yeah, I agree. I’ve seen one too and he even showed his logs. It turned out that he has user registration enabled.

    The current vulnerability with version 2.2 is the file upload function. But this is if you have multiple contributors on your blog.

    Version 2.2.1 is a must upgrade, I think.

Leave a Reply