Urggh..it is upgrading time once again for [tag[Wordpress[/tag] users. This time, it comes with a warning that it is a required upgrade.
Unfortunately, 2.2.1 is not just a bug fix release. Some security issues came to light during 2.2.1 development, making 2.2.1 a required upgrade. 2.2.1 addresses the following vulnerabilities:
* Remote shell injection in PHPMailer
* Remote SQL injection in XML-RPC Discovered by Alexander Concha.
* Unescaped attribute in default theme
I am not sure what are those stuffs but to me, it means another round of downloading, uploading and keeping fingers crossed that the upgrade is smooth. Luckily, there is the ‘Deactivate all” button for the plugins and also the widgets.
Looks like it is going to be a busy weekend ahead with all the dozen blogs I have. I will report when I have upgraded a few blogs.
Get your WordPress 2.2.1 here.