WordPress 2.3.3 Security Update Released
A vulnerability was found in the work of XML-RPC, which, when performing a special request, allowed any user of the blog to edit the posts of another user in the same blog.
In addition to fixing this critical vulnerability, version 2.3.3 fixes several minor bugs in the work . If you only want to fix the vulnerability, just download the fixed version of xmlrpc.php and write it instead of the xmlrpc.php file in your blog. Full release info here .
Also, a vulnerability is being actively exploited in the WP-Forum plugin ; if you use this plugin, it is advisable to disable it before fixes are released.
In addition to fixing this critical vulnerability, version 2.3.3 fixes several minor bugs in the work . If you only want to fix the vulnerability, just download the fixed version of xmlrpc.php and write it instead of the xmlrpc.php file in your blog. Full release info here .
Also, a vulnerability is being actively exploited in the WP-Forum plugin ; if you use this plugin, it is advisable to disable it before fixes are released.
')
Source: https://habr.com/ru/post/19802/
All Articles