by John Ankarström on August 12, 2009
in Releases
A vulnerability in WordPress 2.8.3 was discoved yesterday. The WordPress Blog says:
A specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.
The WordPress is now updated to version 2.8.4, and is available for download. Remember, you can easily update WordPress automatically :-)
by John Ankarström on July 20, 2009
in Releases
It has not been long since WordPress 2.8 arrived, and only two weeks ago 2.8.1 was released. The people at WordPress are fast!
Now, WordPress 2.8.2 has arrived, fixing a critical bug, an XSS vulnerability. As Ryan Boren at WordPress Blog describes it:
Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site.
As I said, version 2.8.2 fixes this bug. So, upgrade your blog (can be done automatically since 2.7) , and don’t forget to backup your database!
by John Ankarström on June 6, 2009
in Releases
Briefly: Finally – June 10th is the target date for WordPress 2.8! On a IRC meetup last Wednesday, the WordPress developers set a release date for WordPress 2.8.
Source: WordPress Blog
by John Ankarström on May 21, 2009
in Releases
The WordPress 2.8 beta is available, it was released 16/5, and there’s lots of new features in the 2.8 beta version. Two great features, are syntax highlighting in theme and plugin editor and a new Theme Installer! I’ve often wondered why Automattic didn’t included this in 2.7, but I’m glad to hear it’s coming in 2.8. Another small, but useful, function is that in 2.8, you can save a draft of post by pressing CTRL/+C. Very handy! Now there’s also a description field for tags, like for the categories. I’m not sure if anyone will use this, because it’s so much work to do if you want to describe every tag on your blog…
There’s many small features, like “improved admin buttons” and invisible classes. I look forward to when the finished version will release, but meanwhile I’ll perhaps test the beta. ;-)
