According to the Wordpress development team:
“Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.”
The Wordpress team fixed this problem last night and have been testing the fixes and looking for other problems since then.
Download The Specific Files
If you’re running Wordpress 2.7 or later, then you can simply use your automatic upgrade function built right into your version to make the upgrade, but if you’re running an earlier version or like me you sometimes have problems with the automatic upgrade utility, there is a separate file you can download and install manually that contains only the modified wordpress files.
You can download only the files modified straight from Wordpress.org by clicking here.
What are your thoughts on how often Wordpress releases upgrades? Security releases are unquestionable, but what about release that simply change look and functionality? Do you think they release new version too often?
Get a Gravatar
Loading ...
My name is Steven Sanders and I'm a Professional Blogger, Izea Insider, Web Designer, Social Media Enthusiast, Dad, Husband, and Friend.
Thanks for this file, I will certainly download it again, it good to know that i can upgrade it with this file you have provided. This will surely be a great help for my wordpress.