WordPress 2.3.3 – Urgent Security Release

WordPress Logo

WordPress 2.3.3 has been released today to fix a flaw in the xmlrpc.php

WordPress 2.3.3 is an urgent security release. A flaw was found in our XML-RPC implementation such that a specially crafted request would allow any valid user to edit posts of any other user on that blog.

There are also a few other minor bug fixes in this version, but if you wouldn’t mind them and just want the security fix, then download just the xmlrpc.php (just 60KB) and replace it with your existing copy.



  1. Johnny - February 6, 2008 @ 2:21 am

    thanks for such important info

  2. Vincent - February 6, 2008 @ 2:38 am

    No problem, you’re welcome 🙂 In fact, the update is posted on your WordPress admin dashboard, just that you might have missed it. Thanks for dropping by anyway.

  3. vickie - February 13, 2008 @ 1:47 am

    thanks for telling this issue. Just downloaded the php file… will be great if anyone able to make a wordpres upgrade plugin

Leave a Reply

Your email address will not be published / Required fields are marked *