Click Here To Download John Chow's Newest eBook - The Ultimate Online Profit Model

WordPress 2.3.2 Available for Download

written by John Chow on December 29, 2007

Download my FREE eBook!

WordPress has just released an urgent security update for the 2.3 series. If you’re blog is powered by WordPress 2.3, then you should upgrade to this latest version right away. The upgrade fixes a security bug that allows people to view your timestamped posts. You may have seen a few posts around Blogsphere showing how to see what Shoemoney is going to post tomorrow. Well, once Shoe upgrades his WordPress, you won’t be able to do that anymore.

WordPress 2.3.2 also suppresses some error messages that can give away information about your database table structure and limits and stops some information leaks in the XML-RPC and APP implementations. There’s also a bonus that allows you to define a custom DB error page. See the full list of changes here.

This is not a major release and as such it will not change your DB structure. Upgrading should be as easy as uploading and replacing the old WordPress files. That’s what I did anyway. You can see a list of full bug fixes here.

Download WordPress 2.3.2

Did you enjoy this post? Get John Chow Dot Com updates via email...

Stay up to date with all of John Chow’s tips for making money online and blog posts by subscribing via email. Your email will be kept private and never shared with anyone.


Net Audio Ads The Next Big Thing! December 29, 2007 at 4:16 pm

WordPress Never Stop !!

SEO Optimization December 29, 2007 at 8:18 pm

Well at least they do improve and serve us with more secure platform rather than just ignore the bugs.

Shaun Carter December 29, 2007 at 4:41 pm

I know that if you know the URL of a post you can view it before it goes live but I didn’t know there was another way.

I better go update now.

mahdi yusuf December 29, 2007 at 7:51 pm

does anybody else know, how? it could be cool as a little test

Mike Goad December 29, 2007 at 4:45 pm

I noticed the time stamp issue and thought that it shouldn’t work that way, but then just dismissed it. I guess that for the A-list bloggers, it could be detrimental for others to see your post before it’s officially published.

Gary R. Hess December 29, 2007 at 4:53 pm

Thanks! I probably wouldn’t have updated until much later if it wasn’t for this post :grin:

Nicholas James December 29, 2007 at 4:56 pm

Thanks, i’ll be upgrading my blog shortly. :razz:

Dave Starr --- ROI Guy December 29, 2007 at 5:56 pm

Good catch and good explanation, John. Funny, I took more than an hour off to drink coffee and work down the list of un-reads in my feedreader this morning and I didn’t come across anyone else mentioning this until I got to you (saving the best ’til last ;-)).

I highly recommend techie-buzz’s automatic update plug-in. makes these upgrades a snap and also let’s you do backup as part of the process very painlessly. It’s available at:
for those who hate manual piece by piece updating.

Inspired Epiphany December 29, 2007 at 6:46 pm

Thanks for the info John… and thanks for the link to the Wordpress plugin Dave, it’s gonna make updating all my blogs that much faster! :smile:

Shirvo Jones December 29, 2007 at 6:00 pm

Good work Mr Chow. I just read it here first! The automatic updater you turned me on to wrks a treat as well. Cheers! :razz: December 29, 2007 at 6:27 pm

Yes I saw on my blog Dashboard about New Version Update i didnt update yet , I wanna do this soon :roll:

Mike Huang December 29, 2007 at 6:35 pm

Darn! If only I knew about this earlier, so I could have sneaked into posts ;)


Blogging Beat December 29, 2007 at 6:44 pm

Dam, I’ve like 6 blogs that will need updating. Thanks for the heads up.

vangardx December 29, 2007 at 7:23 pm

use the will be easier and fun :D

Richard Bizick December 29, 2007 at 7:23 pm

no one can read my timestamped posts :smile:

mahdi yusuf December 29, 2007 at 7:49 pm

goooooo wordpress!

Joy December 29, 2007 at 8:20 pm

Thanks a lot for the heads up!

David Chew December 29, 2007 at 8:34 pm

For people who want to have a full secure on his work or personal detail, upgrading would be a good idea. Thanks for showing us John.

Contest Beat December 29, 2007 at 8:50 pm

Thanks for the heads up

ImageGag December 29, 2007 at 9:01 pm

Newbie question. I’ve never done this before. Will I lose all of the tweaks, such as custom header, installed widgets, and other stuff that I’ve done?

If so, is there an easy way to get everything back? I just don’t want to end up back at the basic Kubrick design. Thanks a lot.

seo audit December 30, 2007 at 12:57 am

No you will not lose those.Made a backup anyway before upgrading.

ImageGag December 30, 2007 at 12:01 pm

Will do. Thank you.

Steve! December 30, 2007 at 12:29 am

I’m still updating. Heck, I never knew you could see what Shoe was posting, before he posted it.

seo audit December 30, 2007 at 12:56 am

Thx for the tip.

Etienne Teo December 30, 2007 at 1:08 am

Wordpress just continues to updates and give the best to it’s users.

Simon December 30, 2007 at 2:28 am

Thanks for the heads up on this John.

Cash Dominator - Money Maker December 30, 2007 at 3:13 am

Thank you for the info about the update. Security is the first. :)

Nullamatix December 30, 2007 at 5:37 pm

After the upgrade several of my plug-ins stopped working. Specifically, Brian’s Threaded Comments, and WP-Cache. Anyone else running into this? My comments look terrible now.

Dean Saliba December 30, 2007 at 7:49 pm

I know what I did find, my theme no longer displays correctly, I had to go back to 2.3.1 to get it to work properly again.

krazl December 30, 2007 at 9:05 pm

Here technical reason documentation.
=== WordPress Charset SQL Injection Vulnerability ===

The Skinny On January December 30, 2007 at 9:51 pm

I don’t know if I’m going to upgrade right away or not. Decisions, decisions.

BlackHatDomainer December 30, 2007 at 11:06 pm

Thanks for reporting it, John. My blog jumped from 50 to 200 subscribers today. ;)

MoneyNing December 31, 2007 at 9:36 am

For many, they rather people read their timestamp posts since it gives them one more visitors :twisted:

GodWin January 6, 2008 at 1:54 am

“If you’re blog is powered by WordPress”

No, I am not a blog.