Security Update

By marlyse | Published: Saturday, May 28, 2005


“It has come to our attention that under certain circumstances there is a security vulnerability in WordPress that may be triggered if you’re running the default template. We were able to respond very quickly (under 40 minutes) and update the download to 1.5.1.2. You can upgrade by overwriting your old 1.5 files or if you would like to apply the fix manually it is relatively simple:

  1. Open the wp-includes/template-functions-category.php file in a text editor like Wordpad.
  2. Go to around line 103 where it says get_the_category_by_ID.
  3. Create a new line after that and paste in $cat_ID = (int) $cat_ID;

One note, even if the vulnerability was present in your blog, you would still be safe if your host ran mod_security on their servers. It is an Apache module which can provide very high-level protection against everything like the vulnerability above to comment spam. We will be updating the hosting page shortly to reflect which hosts there support mod_security or not.”

— (Via WP: WordBlog : Security Update).

This entry was posted in asides, wordpress. Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Subscribe without commenting

  • Word of the Moment

      People who think they know what they're doing are especially annoying to those of us who do.

  • Get a Glimpse

  • MyDiet

  • iPhone

  • Asides

    • Day Grid Balancer . David Seah writes, "I really suck at work-life balance, and have started to crave some way of visually representing the essential elements of a good ...

    • Tweetie for iPhone and the Mac too - atebits. Hesitant to get another Twitter application for my phone but due to good reviews I was looking at their site and then downloaded the desktop ...

    • Function Reference « WordPress Codex. Many questions can be answered here, and definitely a useful stop before heading over to the user forum to ask: The files of WordPress define many ...