WP 2.2.2 and Theme Vulnerabilities

As you may have noticed, the fine folks at WordPress have released WP v2.2.2 into the (deuces) wild. I have taken the unusual step of upgrading RMFO-Blogs users first, rather than RMFO-Pro users. Why? Simply put, RMFO-Blogs has been getting hammered because of some Cross-Site Scripting Vulnerabilities in themes. As a result of these vulnerabilities, I made use of the WordPress scanner at BlogSecurity.net to check all activated themes as I did the upgrades. If your theme was vulnerable, I moved you to the WordPress Default theme for the time being.

There is a discussion topic on the Rumor Forum on how to fix your themes. I’m happy to help you do it, but I didn’t have time to do the fixes while trying to secure the server. Having a secure server was far more important to me than having everyone’s theme look pretty today.

2117 CDT: All RMFO-Pro users are now up-to-date.

4 Responses to “WP 2.2.2 and Theme Vulnerabilities”

  1. Chris Hubbs Says:

    Having a secure server was far more important to me than having everyone’s theme look pretty today.

    I, for one, approve of this choice.

    Like my approval means anything. ;-)

  2. Kathleen Says:

    I tried to follow the link to read the discussion topic on the forum… but it was off limits to me.

  3. Geof F. Morris Says:

    I’ll fix that for you, Kathleen.

  4. Kathleen Says:

    Danke!

Leave a Reply