OMG the sky is falling, no its a quick easy fix for WordPress…

WordPress 2.3.3 is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.[via WordPress Dev Blog]

Come one, come all and install this ASAP! I’ve seen the attacks on my server, but luckily it looks as though Bad Behavior was catching them. But you shouldn’t rely on plugins to do that. So stay on top of it, and patch up. Its quick and painless (took less then a minute for me). Also there is a bug in WP-Forums, read the post if you use that plugin.

Tags: Plugins, Security, Site Update, Wordpress