30 October 2007, 17:48

WordPress update

The latest version, 2.3.1, of the popular WordPress blogging software has eliminated a cross-site scripting vulnerability. With the register_globals option activated, JavaScript can be passed to the wp-admin/edit-post-rows.php module and executed in the browser of the user calling the page. More than 20 other bugs have also been fixed.

Also on The H:

WordPress 3.5.1 tightens security and stops HTML from disappearing
WordPress 3.3.1 closes XSS hole
WordPress 3.1.2 fixes security vulnerability
WordPress 3.1.1 closes security holes
WordPress update fixes vulnerabiliy
Cross-site scripting vulnerability in Wordpress

Channels

Services

WordPress update

Also on The H:

Content Security Policy halts XSS in its tracks

Skype's ominous link checking: Facts and speculation

Password protection for everyone

Two clicks for more privacy

What's new in SUSE Linux Enterprise 11 SP3

What's new in Fedora 19

What's new in Linux 3.10

Free Software post-PRISM

Kernel Log: Coming in 3.10 (Part 4) - Drivers

The trouble with "Business Source"

Kernel Log: Coming in 3.10 (Part 3) - Infrastructure

Whatever happened to Google?

Java EE 7 at a glance

Continuous database migration with Liquibase and Flyway

Unit testing with Node.js

Ruby 2.0 - the 20th birthday present

Linux Mint 15: A better Ubuntu for the desktop

What's new in Linux 3.9

Replacing Google Reader

Attacking TrueCrypt

The H

The H Open

The H Security

The H Developer

The H Internet Toolkit