April 3, 2007

ChangeLog: WordPress 2.1.3 and 2.0.10 released to address vulnerabilities

Author: Joe 'Zonker' Brockmeier

The WordPress team has released security updates for the 2.1 and 2.0 branches of WordPress.

The release is available for download now, and includes fixes for a security hole in the WordPress XML-RPC implementation and cross-site scripting (XSS) vulnerabilities.

Upgrade instructions are available on the WordPress site.

Users who are tired of doing WordPress upgrades manually may wish to check out the InstantUpgrade plugin for WordPress. The InstantUpgrade plugin allows administrators to update WordPress to the most recent version -- or a version of their choice -- via the Web-based admin panel in WordPress.

Download the plugin, read the installation instructions, uncompress it in the wp-content/plugins directory, and enable the plugin in the WordPress admin dashboard under Plugins.

Make sure to back up your WordPress database and then go to Manage -> InstantUpgrade in the admin dashboard. If all goes well, and it should, the plugin will download the specified version of WordPress, unpack it, and install it.

Click Here!