- Open the
wp-includes/template-functions-category.php
file in a text editor like Wordpad. - Go to around line 103 where it says
get_the_category_by_ID
. - Create a new line after that and paste in
$cat_ID = (int) $cat_ID;
UPDATE: How to Blog has MOVED! Please update your bookmarks and feeds! The new address is :
http://www.emilyrobbins.com/how-to-blog/
and all new posts and post updates will be made there! Comments and trackbacks at this location are now closed -- please visit the new How to Blog site in order to add a comment or a trackback and see updates to existing posts as well as all new posts from this point forward!
« Troubles getting BlogJet to work with WordPress? You need to upgrade to WordPress 1.5.1.1 | Main | OFF-TOPIC: Free Sony PSP and Free Xbox 360 offers turn out to be authentic, but only the ones from Freepay/Gratis Internet - and I actually got a free PSP! »
May 27, 2005
Here we go again - another WordPress Update to fix a security vulnerability
Please update your bookmarks to reflect the new, permanent location of How to Blog. Comments and trackbacks on this post are now closed. If you wish to comment on this post, please visit the new site! Thank you!
-----------------------------------------------------------------------------------------------------------------------
Boy – this sure is starting to sound like a broken record. WordPress 1.5.1.2 has now been released to fix a security vulnerability.
According to the developers:
It has come to our attention that under certain circumstances there is a security vulnerability in WordPress that may be triggered if you’re running the default template. We were able to respond very quickly (under 40 minutes) and update the download to 1.5.1.2. You can upgrade by overwriting your old 1.5 files or if you would like to apply the fix manually it is relatively simple:
One note, even if the vulnerability was present in your blog, you would still be safe if your host ran
mod_security
on their servers. It is an Apache module which can provide very high-level protection against everything like the vulnerability above to comment spam. We will be updating the hosting page shortly to reflect which hosts there supportmod_security
or not.
So, if I understand what they’re saying correctly, the vulnerability only affects users who are running the default template…? Nonetheless, I’d go ahead and make the upgrade (or just do the manual fix) – never want to chance having a security hole. Oy.
May 27, 2005 in Weblogs, WordPress | Permalink | Email This Post
Bookmark with del.icio.us, add to Yahoo!MyWeb or Digg This!
Comments
Not to mention that in 1.5.1.2 pingback and trackback sending is broken.
So the patch which was a fix(1.5.1.2) to a fix(1.5.1.1) to a fix (1.5.1) ( http://blog.taragana.com/index.php/archive/oh-no-yet-another-wordpress-fix-to-a-fix-to-a-fix/ ) needs another fix!
I am not comfortable with the state of things here.
Posted by: Angsuman Chakraborty | Jun 5, 2005 12:23:47 PM
Thanks for the info. This wordpress updating is getting a little tiring... oh, well... it's free, for now....
Posted by: Neil | Aug 23, 2005 11:21:30 PM
The comments to this entry are closed.