WordPress 2.6.5 Available for Download

written by John Chow on November 25, 2008

WordPress has released version 2.6.5 of their blogging software. This is a security release so everyone must upgrade.

The security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.

2.6.5 contains three other small fixes in addition to the XSS fix. The first prevents accidentally saving post meta information to a revision. The second prevents XML-RPC from fetching incorrect post types. The third adds some user ID sanitization during bulk delete requests. For a list of changed files, consult the full changeset between 2.6.3 and 2.6.5.

WordPress is skipping version 2.6.4 and jumping from 2.6.3 to 2.6.5 to avoid confusion with a fake 2.6.4 release that made the rounds. There is not and never will be a version 2.6.4.

Download WordPress 2.6.5

Did you enjoy this post? Get John Chow Dot Com updates via email...

Stay up to date with all of John Chow’s tips for making money online and blog posts by subscribing via email. Your email will be kept private and never shared with anyone.

Start Your Blog Today!

Free WordPress Installation Service

One of the most common complaint (or excuse) I hear from potential new bloggers is they don’t know how to install WordPress. Terms like FTP and CPanel are like a foreign language and setting up a database might as well be setting up the space shuttle for a launch. Because of the technology barrier, many would-be bloggers never start their blogs...

TYCP Entertainment Magazine

I've always loved the Automatic Upgrade plugin. Makes thing smooth & easy.

share flag

spam
offensive
disagree
off topic

titan

i guess, i will upgrade my wordpress soon. :)

Make money online

nope, i will wait for v 2.7
its heck to upgrade stuffs..

Ryan McLean

When is wordpress 2.7 being released?
That one I am looking forward to.

Forex Directory

Just finished the upgrade, harmless like usually ;-)

Debo Hobo

All done...upgraded and ready to go...:)

Alex Fraiser

I don't understand why so many people complain about getting WordPress upgraded. A big time saver is the WordPress Automatic Upgrade: http://wordpress.org/extend/plugins/wordpress-auto...

Google SEO Tools

Be carefull about that 2.6.4.....

BusinessX

Great heads up about the 2.6.4, I did not know about that! Hope measures are being taken to prevent that from happening again.

Brady Ware

Wow figures. I just bought a domain figured out how to get wordpress installed and now I need to update it. Well I guess no time like the present to learn, I've got another few hours to burn on frustration.

Deborah

Search for plug-ins. There is an upgrade plug-in you can install and upgrading will only involve a few clicks from your WP admin pages...

uwak

thanks for information...the same topic in shoe blog...

Ari Lestariono

Can anyone tell me, the benefit and importnce of these new release wordpress and what will be the impact?thx in advance

John Chow

Sure! If you don't want to get hacked, upgrade!

Seo Creations

Yup, I got 20 blogs hacked out of 100s

Abdul

You're kidding me!! In this case, the hacker would have hacked every blog before the update came out, I mean it takes a little time!

Alex at Net-Entrepreneur.com

What exactly happens when someone hacks your blog? (no need to demonstrate on mine :) I'm running the latest wp)

But seriously, I keep hearing about blogs being hacked here and there because they ran an older version with security holes. But what does it mean?

Cheers,
Alex

PlayGameMakeMoney

As John said, "If you dont' wanna get hacked, Upgrade dew.

If you want your blog to be secured, then you need to upgrade right away.

WinCashPlayGames

http://playcow.com I just upload the older version of wordpress, and now it release a new one again, update too often. i don't even have time to update. LOL

Study Babes

your site is wordpress??

SodLogan

I don't think so. In fact, it uses ASP instead of PHP.

I wonder which blogging platform uses ASP, I'd love to know because I know ASP 3.0 and would love my blog to work on it!

Darn it, it's not a blog just some other Games website!

E-Business Blog

unfortunately, I have upload an older version of WP

Affiliate Confession

Cool, I'll have to run over and get it.

Chris Jacobson

Already updated and ready to go! :)

Trevor

I've just used the security fix only.

No point in upgrading the whole thing when security is the only thing to worry about.

The big thing is Wordpress 2.7. It looks so slick.

Yeah, there is no way anyone can miss that!

Taris J

Thanks for the heads up as to how to simply upgrade the two files for the security fix - very useful for those that don't want to go through a huge pain in the butt!!

WordPress 2.6.5 Available for Download

Did you enjoy this post? Get John Chow Dot Com updates via email...

The Ultimate Blog Profit Model

Active Daily Readers

207,890

=

Sponsors

Premium Sponsor

Recent Posts

About John Chow dot Com

Topics

Resources

Technology

Professional Blog Services

Start Your Blog Today!

Free WordPress Installation Service