A few days ago I reported about a new WordPress vulnerability, and prophesied that as a result we would soon be witness to a new release of WordPress.

Well look who’s right. The powers-that-be at WordPress announced yesterday that two security-related releases are now available for users of the main 2.2 branch and the legacy 2.0 branch, i.e. versions 2.2.2 and 2.0.11. (Who’s still using the 2.0 branch – shame on you! Oh right, that would be me…don’t worry, not here!)

So get to work boys and girls! And don’t forget:

  1. Back up your database!
  2. Back up your theme (just in case)!
  3. Deactivate all plugins!
  4. Pray to your lord!
  5. Upgrade!
  6. Pray some more!
  7. Reactivate your plugins!
  8. Enter the URL of your site in your browser. Close your eyes. Open your eyes.
  9. It worked!
  10. or Aaarghhh – what are all these PHP errors?

Now rinse and repeat for all your blogs and clients’ blogs.

Joost de Valk says it’s much easier to upgrade from Subversion. Sounds scary to me, but for those of you who actually know what Subversion is, maybe this tip will help make this all-too-frequent event a little less painful.

Happy upgrading!