I hoped the required fixes would be included in the 2.0.2 release. Or are these the snake-oil reports that went out on some security lists a few days ago. I for myself can say that the XSS vulnerability is for real.
Anyway, I patched my updated 2.0.2 installation and could provide patching instructions, patched files, or a patch file (whew … too much patchwork in this sentence ;-))
You can find some more information in my (WordPress powered ;-)) Blog: WordPress 2.0.2 Security Release
Hope to hear from you soon,
- The topic ‘Security Advisory’ is closed to new replies.