Performancing Metrics

WordPress 2.8.2 Released: Security Update

So, we’ve been given another release of WordPress 2.8, so those that upgraded last week to 2.8.1 have to go back and upgrade to 2.8.2 now as there was a security flaw found, and as we all know, security issues are the most important reasons for patching your WordPress installations.

WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site.

I am not sure of any other changes with this release, but does the built-in upgrade tool mean that we will see more constant patch releases and if so, will this frustrate any of you?

Categories: WordPress News

This post was written by . You can visit the for a short bio, more posts, and other information about the author.

Comment with Your Facebook Account


  1. Laura Conrad says: 7/20/2009

    I have two wordpress blogs, and for one of them the automatic upgrade works, so it’s pretty trivial, and I’d rather get updates sooner than batched. For the other, the automatic upgrade doesn’t work, so having to upgrade twice in a week is a nuisance.


  2. Luis ) says: 7/20/2009

    I manage several sites, three of my own are on WordPress code, I feel that if a security exploit is in the wild and this can have serious implications in the future, like having to rebuild your MySQL database, I have to upgrade whether it annoys me or not. With that said, I love the automatic update feature, too bad WordPress MU, and bbPress do not have this feature yet.


  3. timethief says: 7/20/2009

    Thanks for the heads up. It’s been a crazy summer so far so I hope all the crazymaking is done. Although I am shy about commenting, l appreciate your blog posts all year round. I just went through a nightmarish situation 2 weeks ago when my web host’s servers (A Small Orange) were hacked. Their staff was excellent and my site was restored from backup. Then came wordpress upgrade to 2.8.1last week and even more problems with my site going offline which appear to be rectified. The automatic upgrade is not fail safe so I don’t use it. So now comes the 2.8.2 upgrade … groan.


  4. shaunjudy says: 7/21/2009

    I love wordpress no matter how many times I have to upgrade it…And at least they found the issues pretty fast.