A security issue has been located that enables a specifically crafted request to allow a valid user to edit any post on the blog.

Wordpress has released a fix.

The recommended action is to update Wordpress to 2.3.3 (which includes a couple of other minor tweaks) or for those seeking a quicker, easier to implement solution to fix the security flaw only, download an updated xmlrpc.php file from Wordpress and over-write your existing xmlrpc.php file in your Wordpress root folder.

This entry was posted on Tuesday, February 5th, 2008 at 5:55 pm and is filed under News, Technology. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.