WordPress yesterday released WordPress 2.2.1, which incorporates a number of small bug fixes and tweaks, along with some security issues that make this a required upgrade.
According to the announcement, this release addresses three vulnerabilities:
- Remote shell injection in PHPMailer
- Remote SQL injection in XML-RPC
- Unescaped attribute in default theme
WordPress 2.2, released just over a month ago, contained "over 200 bug fixes" as well as several new features, including the ability to integrate Widgets into your blog without installing a plugin. Since then, the WordPress community has repaired a number of other small bugs and refined a few other elements, including Atom feed validation fixes, XML-RPC fixes, Widget backward compatibility fixes, Widget backward compatibility fixes, and Page and Text Widget improvements.
The highly popular WordPress, written in PHP and backed by a MySQL database, is a freely available blogging platform released under the GPL. It was recently chosen as the WebWare 100 winner in the Publishing category.