WordPress Security Update

Looks like there’s a security vulnerability in WordPress if you’re running the default theme. Here’s a little bit from the WordPress Development Blog:

It has come to our attention that under certain circumstances there is a security vulnerability in WordPress that may be triggered if you’re running the default template. We were able to respond very quickly (under 40 minutes) and update the download to 1.5.1.2. You can upgrade by overwriting your old 1.5 files or if you would like to apply the fix manually it is relatively simple:

1. Open the wp-includes/template-functions-category.php file in a text editor like Wordpad.
2. Go to around line 103 where it says get_the_category_by_ID.
3. Create a new line after that and paste in $cat_ID = (int) $cat_ID;

Read about the entire thing here. Glad I’m not using the default theme! I’ve hacked this theme so much I wouldn’t be suprised if I’ve opened up some vulnerability…yah right. 😉