Yet Another WordPress Security Hole

WordPress is beginning to become a little like phpbb2 – a security nightmare.
Last night I got a “heads up” from one of our sysadmins that there was another security release, as the WordPress download servers had been cracked!
Lovely!
I upgraded this install as soon as I heard, but of course I forgot to update some permissions etc., which is why it was a wee bit broken until a few minutes ago.
Running around patching and upgrading blogs every few days is not my idea of fun. If it was only once every six months it would be one thing, but the number of holes that WordPress seems to be developing of late may force me to rethink my choice of software in the future.
Movable Type is looking more and more attractive every day!
Full story here

Related Posts:

By Michele Neylon

Michele is founder and CEO of Irish hosting provider and domain name registrar Blacknight.

8 comments

  1. Hey Michele,
    Exactly my concern aswell.
    I’m getting sick of those security issues here, alltho i try to keep in mind that it is free software but still.
    Any experiences on moving wordpress to MT ?
    Rob

  2. Rob
    I’ve never done WordPress > MT, though I have done MT > WordPress
    The main issue I’d expect are the permalinks for older entries
    Michele

  3. Well, to be fair the recent security issue only relates to recently downloaded packages of WP. The post by Matt states that they got hacked 4 days ago. So if you downloaded prior to that then you’re okay.
    I would never dream of moving from WP to another blogging platform.

  5. Conor – that’s one of the reasons why I avoid phpbb2 🙂
    Vbulletin is a lot saner!
    Cormac – Have you tried any of the other blogging solutions?

  6. I think it’s worth highlighting that the WordPress team have dealt with this issue in a professional and responsible fashion, and I’m sure they’ll be conducting proper checks on the security of their servers and their development and publishing processes.
    I hope this issue isn’t going to dent people’s confidence in WordPress too much.

  7. I have heard that most of the security bugs mainly the xss bugs were fixed in version 2.2 Is this true or do they still exist. Also, if there are too a lot of bugs in word press is there a better alternative?

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Exit mobile version