It seems that another vulnerability has been discovered, this time in WordPress 2.1.2. According to Secunia, it can be “be exploited by malicious people to conduct cross-site scripting attacks.” Doesn’t sound very nice.
This just justifies my Dad’s approach to computer and software upgrades – if it ain’t broke, don’t fix it, at least not until everyone else has discovered all the bugs and breaches and everything has been ironed out. (My Dad is a bit extreme in his approach – he still uses Lotus 1-2-3 as his spreadsheet of choice – the non-Windows version!) Everyone jumped to upgrade to WordPress 2.1.2 when a security breach was discovered, but now it looks like there will have to be another upgrade very soon. It makes me happy that I left my other blog running on good ‘ol stable WordPress 2.0.5.
Oh well. I guess the good thing out of all of this is that I’ll become an expert on upgrading WordPress. Yay.