Well, it’s time to update your WordPress installation to the latest release (2.3.1) if you haven’t done so yet. Janek Vind has posted a less critical cross-site scripting vulnerability that applies to version <2.3.0. Input passed to the ”posts_columns” parameter in wp-admin/edit-post-rows.php is not properly sanitised before being returned to the user. So this can […]

I finally got around to upgrade to the latest WordPress (version 2.3) and I think it was highly needed due to that I’ve received unwanted comments posted to the blog from unregistered user. The vulnerabilities that have been reported in WordPress lets malicious users to conduct script insertion attacks and to conduct SQL injection attacks. […]