Wordpress 2.3.3 released! Update quickly for a security fix.

Update Wordpress

Wordpress 2.3.3 was released yesterday and I suggest that you should update immediately.

WordPress 2.3.3 is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. (Source)

As of now, I’m still doing the upgrade and trying to find out which files you need to replace. But one thing for sure, you need to replace the xmlrpc.php file since this is the focus of the wordpress 2.3.3 fix.

Update: Here are the files that you need to replace and add to your wordpress installation. Remember to backup first before doing any upgrade or update.

Files to replace in wordpress 2.3.3

/xmlrpc.php

/wp-includes/gettext.php
/wp-includes/pluggable.php
/wp-includes/version.php

Files to add in wordpress 2.3.3

/wp-admin/install-helper.php

Related Items:

Smashing WordPress: Beyond the Blog (Smashing Magazine Book Series)

Blog updated to wordpress 2.2.2

Wordpress 2.3.1 Released – Update Quickly to avoid a security issue

Blog Updated to Wordpress 2.3.2

Wordpress 2.6.1 Released – Maintenance Update

Wordpress 2.6.5 Released

Tags: wordpress 2.3 bugs, wordpress 2.3.3, wordpress 2.3.3 updates, wordpress 2.3.3 upgrade
Posted in Wordpress on Feb 6th, 2008 by Allen Gurrea

Comments (8)

8 Responses

sylv3rblade (44 comments.)

February 6th, 2008 | 1:20 pm

hmm.. I guess I’ll just update the security patch of the XML-RPC.

sylv3rblade’s last blog post..Geeks and Valentines #2: Date ideas

Reply
Allen (940 comments.)

February 6th, 2008 | 8:54 pm

@sylv3rblade – Hi sylv3rblade, that’s the gist of the update but you can also update the version.php file or else, wordpress is going to keep bothering you to update.

Reply
Dexter | Techathand.net (72 comments.)

February 6th, 2008 | 10:35 pm

Kelangan ba talaga iupdate kasi di naman multi user blog ko..

Dexter | Techathand.net’s last blog post..WordPress Update : WordPress 2.3.3 Release

Reply
Kirbitz | Pinoy Money Blogger (6 comments.)

February 7th, 2008 | 6:52 am

I dont know how to back-up wordpress. help!

Btw, Allen, I added your blog to my blogroll already!

http://pinoymoneyblogger.com/links

If its not much of a trouble please change mine to “Pinoy Money Blogger”.

Im targeting this one kasi and trying out an experiment. Thanks allen!

Kirbitz | Pinoy Money Blogger’s last blog post..Two Solid Ways To Get Links To Your Blog

Reply
Allen (940 comments.)

February 7th, 2008 | 9:03 am

@Dexter – Hi Dex, although it may not affect us single users, it’s still best to update. and besides, that message “Your WordPress 2.3.2 is out of date. Please update.” won’t stop unless we do.

btw, just a question Dex, in your blog, I noticed a related post by category in your sidebar, is that a plugin? thanks.

Reply
Allen (940 comments.)

February 7th, 2008 | 9:06 am

@Kirby Hi Kirby, you may want to check my archives or the category blog tech tips. I have outlined several ways to back up your blog especially wordpress.

I’ll edit you in the blogroll provided you come and visit this blog alot! haha just kidding

Reply
glitch (1 comments.)

February 14th, 2008 | 4:04 pm

Thank you, update done. Medyo newbie pa sa updates eh, check ko lang files na mention mo at yu ang pinalitan ko.

glitch’s last blog post..Valentine’s Day Quote SMS Made Easy

Reply
Allen (940 comments.)

February 15th, 2008 | 11:27 am

@glitch – I’m glad it worked for you. Btw, wordpress 2.5 is coming out soon. I’ll be sure to make an update guide for it. Check back soon.

Reply

| |

Wordpress 2.3.3 released! Update quickly for a security fix.