Upgrade to WordPress 2.6.5
I’ve been looking at the change log of wordpress 2.6.5 and it seems to be a security fix, so updating your installation is a must. ^_^
Just to quote from the wordpress blog,
The security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy
wp-includes/feed.phpandwp-includes/version.phpfrom the 2.6.5 release package.
2.6.5 contains three other small fixes in addition to the XSS fix. The first prevents accidentally saving post meta information to a revision. The second prevents XML-RPC from fetching incorrect post types. The third adds some user ID sanitization during bulk delete requests.
Now, for those who want to update their wordpress manually,
Here’s the list of files to replace in your installation.
- /wp-includes/post.php
- /wp-includes/version.php
- /wp-includes/feed.php
- /xmlrpc.php
- /wp-admin/users.php
As for me, I’m be doing the wordpress automatic upgrade style. Much faster. 