WordPress 2.3.2 Available for Download

WordPress has just released an urgent security update for the 2.3 series. If you’re blog is powered by WordPress 2.3, then you should upgrade to this latest version right away. The upgrade fixes a security bug that allows people to view your timestamped posts. You may have seen a few posts around Blogsphere showing how to see what Shoemoney is going to post tomorrow. Well, once Shoe upgrades his WordPress, you won’t be able to do that anymore.

WordPress 2.3.2 also suppresses some error messages that can give away information about your database table structure and limits and stops some information leaks in the XML-RPC and APP implementations. There’s also a bonus that allows you to define a custom DB error page. See the full list of changes here.

This is not a major release and as such it will not change your DB structure. Upgrading should be as easy as uploading and replacing the old WordPress files. That’s what I did anyway. You can see a list of full bug fixes here.

Download WordPress 2.3.2


38 thoughts on “WordPress 2.3.2 Available for Download”

    1. Well at least they do improve and serve us with more secure platform rather than just ignore the bugs.

  1. Shaun Carter says:

    I know that if you know the URL of a post you can view it before it goes live but I didn’t know there was another way.

    I better go update now.

    1. mahdi yusuf says:

      does anybody else know, how? it could be cool as a little test

  2. Mike Goad says:

    I noticed the time stamp issue and thought that it shouldn’t work that way, but then just dismissed it. I guess that for the A-list bloggers, it could be detrimental for others to see your post before it’s officially published.

  3. Gary R. Hess says:

    Thanks! I probably wouldn’t have updated until much later if it wasn’t for this post πŸ˜€

  4. Thanks, i’ll be upgrading my blog shortly. πŸ˜›

  5. Good catch and good explanation, John. Funny, I took more than an hour off to drink coffee and work down the list of un-reads in my feedreader this morning and I didn’t come across anyone else mentioning this until I got to you (saving the best ’til last ;-)).

    I highly recommend techie-buzz’s automatic update plug-in. makes these upgrades a snap and also let’s you do backup as part of the process very painlessly. It’s available at:
    http://techie-buzz.com/wordpress-plugins/wordpress-automatic-upgrade-plugin.html
    for those who hate manual piece by piece updating.

    1. Thanks for the info John… and thanks for the link to the WordPress plugin Dave, it’s gonna make updating all my blogs that much faster! :smile:

  6. Shirvo Jones says:

    Good work Mr Chow. I just read it here first! The automatic updater you turned me on to wrks a treat as well. Cheers! πŸ˜›

  7. vhxn.com says:

    Yes I saw on my blog Dashboard about New Version Update i didnt update yet , I wanna do this soon :roll:

  8. Mike Huang says:

    Darn! If only I knew about this earlier, so I could have sneaked into posts πŸ˜‰

    -Mike

  9. Dam, I’ve like 6 blogs that will need updating. Thanks for the heads up.

    1. vangardx says:

      use the plugin..it will be easier and fun πŸ˜€

  10. no one can read my timestamped posts :smile:

  11. mahdi yusuf says:

    goooooo wordpress!

  12. Joy says:

    Thanks a lot for the heads up!

  13. David Chew says:

    For people who want to have a full secure on his work or personal detail, upgrading would be a good idea. Thanks for showing us John.

  14. Contest Beat says:

    Thanks for the heads up

  15. ImageGag says:

    Newbie question. I’ve never done this before. Will I lose all of the tweaks, such as custom header, installed widgets, and other stuff that I’ve done?

    If so, is there an easy way to get everything back? I just don’t want to end up back at the basic Kubrick design. Thanks a lot.

    1. seo audit says:

      No you will not lose those.Made a backup anyway before upgrading.

      1. ImageGag says:

        Will do. Thank you.

  16. Steve! says:

    I’m still updating. Heck, I never knew you could see what Shoe was posting, before he posted it.

  17. Etienne Teo says:

    WordPress just continues to updates and give the best to it’s users.

  18. Simon says:

    Thanks for the heads up on this John.

  19. Pingback: Simon Lau
  20. Thank you for the info about the update. Security is the first. :)

  21. Nullamatix says:

    After the upgrade several of my plug-ins stopped working. Specifically, Brian’s Threaded Comments, and WP-Cache. Anyone else running into this? My comments look terrible now.

  22. Dean Saliba says:

    I know what I did find, my theme no longer displays correctly, I had to go back to 2.3.1 to get it to work properly again.

  23. krazl says:

    Here technical reason documentation.
    === WordPress Charset SQL Injection Vulnerability ===
    exact=1&sentence=1&s=%b3%27)))/**/AND/**/ID=-1/**/UNION/**/SELECT/**/1,2,3,4,5,user_pass,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24/**/FROM/**/wp_users%23

  24. I don’t know if I’m going to upgrade right away or not. Decisions, decisions.

  25. Thanks for reporting it, John. My blog jumped from 50 to 200 subscribers today. πŸ˜‰

  26. MoneyNing says:

    For many, they rather people read their timestamp posts since it gives them one more visitors 😈

  27. GodWin

    says:

    “If you’re blog is powered by WordPress”

    No, I am not a blog.

Comments are closed.