WordPress 2.0.6

WordPress 2.0.6 was released including a important security fix that I feel makes it imperative for users to upgrade.

From the wordpress website:

Here’s what’s new:

  • The aforementioned security fixes.
  • HTML quicktags now work in Safari browsers.
  • Comments are filtered to prevent them from messing up your blog layout.
  • Compatibility with PHP/FastCGI setups.

Go here to download the latest update. I recommend you upgrade as soon as possible.

The WordPress development blog also notes that this will probably be the last release before WordPress 2.1 is out, which will be the first major feature release in a long time.

WordPress Exploit

David Kierznowski has uncovered an exploit in the popular WordPress blogging software that everyone should be aware of. Popular security website Security Focus has the issue documented, and it is suggested that you upgrade your template.php file as soon as possible to avoid becoming a victim.

The WordPress team has issued an updated release, version 2.0.6 that contains a fix.

Simply put, to fix the wordpress exploit, visit the wordpress site and edit line 114 in your template.php file.