WordPress 2.8.2 fixes XSS vulnerability
Upon logging in to one of my WordPress blogs this morning, I saw the notification to upgrade to WordPress 2.8.2. Wasn’t WordPress 2.8.1 released just a few weeks ago? Well, I’m thankful that the WordPress developers are keeping on top of security.
WordPress 2.8.2 fixes an XSS vulnerability that was found to exploit comment author URLs through the admin panel. Wow! That’s scary!
Read more about it here: WordPress › Blog » WordPress 2.8.2
I found that using the built-in automatic upgrade does not always work properly and may get stuck at the “unpacking” stage. While you can try the manual upgrade, it can be a very long process. Automatic upgrading has progressed very far and can be completed within seconds. Just ensure that before you update and subsequently deactivate all of your plugins before executing the upgrade in either case. They can be re-activated after the upgrade process is complete.