We recommend everyone update immediately, particularly if your blog has open registration. The vulnerability is not public but it will be shortly. In addition to the security fix, 2.5.1 contains over 70 bug fixes.
54
Wordpress 2.5.1 Security Update
Post written by Jeremy Schoemaker
Hi I am Jeremy Schoemaker and ShoeMoney.com is my blog. 99% of the post here are done by me but you will see others occasionally make guest posts. This blog is fun to write but for my day job I run several online companies.
More about Jeremy at http://www.shoemoney.com!
Sharing is Caring...
Disclaimer
Before acting on this post, be sure to read my Disclaimer.
- Comment Likes 
- Comment Dislikes
May 7, 2008 at 1:04 pm
Hm, not bad…guys are not sleeping.
A week ago I got 2.5 version…now it is time to get 2.5.1…or to wait for 2.5.2 better???
May 7, 2008 at 1:02 pm
Sorry, where did you get this plugin?
May 6, 2008 at 6:32 pm
You have to stay up to date.
Or be thrown int a pit of haxors who will have their way with your site
menacing laugh
May 5, 2008 at 7:01 am
How can i make money i have no income at all.
May 5, 2008 at 2:31 am
this is why i stuck with the version that best suits me
May 4, 2008 at 7:42 pm
i really like the very last version!
May 2, 2008 at 12:22 am
Hey Shoe, you posted earlier about the issue of pre-2.33 blogs being compromised by the hijacking of the admin cookie. You recommended a *clean* install of 2.33, rather than an upgrade to 2.33.
Fast forwarding to now, if my 2.33 blog was infected with SQL injected spam in the same way as above, should I do a *clean install* of 2.5.1, or will simply *upgrading* to 2.5.1 solve the problem?
Thank you sire!
May 1, 2008 at 3:31 pm
hahah, imaging if it was Microsoft. Well at least Wordpress takes responsibility and updates regularily
May 1, 2008 at 2:19 pm
It’s nice to see the gravatar built into the 2.5 versions.
May 1, 2008 at 10:54 am
I havent even upgraded to 2.5 yet….I am still waiting, for like dunno what lol. I think I will do it this weekend or next week….and what is this auto upgrade plugin? please help.
May 1, 2008 at 10:53 am
I have no idea but my comments arent appearing with name “Mayank”…so I am trying back the old name “Mayank Rocks”
April 30, 2008 at 4:27 pm
I wish I hadn’t upgraded to 2.5. I knew better. Every upgrade they come out with is followed by security and bug fixes!
April 28, 2008 at 1:20 pm
Looks like it was already found a bug in 2.5.1. When you forget your password, ask for a new one and WP sends you a link to click. this links don’t work.
April 28, 2008 at 12:52 pm
Is there an easier way to upgrade? I”ve only done it once, and it took quite a while since I don’t know what I’m going.
Back up first, then delete, then reinstall, then re-import.
April 28, 2008 at 9:13 am
That’s the annoying bit. Fantastico is always a week or so behind the curve.
April 28, 2008 at 9:12 am
It seems like they come up with one every two weeks.
April 28, 2008 at 9:11 am
I’m not liking Wordpress 2.5 anyway. I feel like 2.3 was more user-friendly.
April 28, 2008 at 4:36 am
But it makes slow when you post your posting. Have any body face the same problem with me?
April 27, 2008 at 5:42 pm
Great info here, thanks!
April 27, 2008 at 4:45 pm
yes right, update wordpress will also increase for security blog
April 27, 2008 at 4:34 pm
Thanks for the heads up I will use.
April 27, 2008 at 2:54 pm
Progress won’t necessarily appeal to everybody, but eventually everybody will haqve to upgrade to stay current with technology streams. Be happy that this is not a Microsoft product. Can you imagine?
April 27, 2008 at 2:51 pm
It is awesome to see the enthusiasts and users of a tool like wordpress interact and inform each other of important updates and the like. Truly viral in my opinion.
April 27, 2008 at 11:26 am
Damn updates are annoying
April 27, 2008 at 11:16 am
OMG! Do you want to say that 2.5 has 70 bugs? Is that why there is SEVENTY bug fixes in 2.5.1.?
O_O
Updating is the urgent case!
April 27, 2008 at 7:01 am
In fact, it is very easy!
Download wordpress 2.5.1
Upload it on your web folder
Go to /wp-login
Press a Button
Done!
April 27, 2008 at 5:06 am
thanks for the update man y i upgraded to 2.5 :S i have to upgrade it again now :S
April 27, 2008 at 2:29 am
How to do this upgrade ?
fantastico – still not available…
April 26, 2008 at 8:02 pm
I just had to log on to wordpress to know about it since it says right up top when your Wordpress version needs updating, but it’s good when blogs post it I guess for those that don’t read their dashboard when they log in
April 26, 2008 at 3:01 pm
wwwwwow lots of bugs got squashed with this update!
April 26, 2008 at 2:38 pm
Read about this in many other blogs too.. Will have to upgrade now!
April 26, 2008 at 12:20 pm
Update only took less then a few mins. It was painless-
April 26, 2008 at 5:46 am
Hey I know how you guys feel with the tedium of upgrade but remember they are usually months apart and essential to keep your site secure from Malware and Hackers.
Think of it as just another day in the life of a blogger!
April 26, 2008 at 3:41 am
Where is this mysterious auto update plugin you speak of? I could of course do a quick google search for this,. However it’s saturday morning I’m hungover and feeling lazy
April 25, 2008 at 10:08 pm
It only sucks when your installed with services like fantastico that seem to take weeks to show changes in current versions for install / upgrade.
April 25, 2008 at 9:39 pm
70 bug fixes! wow…
April 25, 2008 at 8:33 pm
It is simple to upgrade even without the auto upgrade plugin, although I’m not as fast as those of you who do it in 2 seconds.
~Terry
April 25, 2008 at 6:08 pm
Very easy upgrade, even though I upgraded manually. I’ll definately be looking into the upgrade plugin though
April 25, 2008 at 5:59 pm
Do you know where i can get good instructions for upgrading without fantastico?
April 25, 2008 at 5:24 pm
Install the Auto Upgrade plugin. Press the button and upgrade.
April 25, 2008 at 4:53 pm
Thanks for the update. I caught it on your Twitter feed.
April 25, 2008 at 4:30 pm
for who? is fantastico up to date? seems most places have not updated the panel/fantastico combo if fantastico is up to date…
April 25, 2008 at 3:08 pm
I heart Subversion!
April 25, 2008 at 2:44 pm
I will update soon. I like the new version but I care about security too.
April 25, 2008 at 2:20 pm
Thank you for the update.
April 25, 2008 at 1:34 pm
ahhh yes… and this is why I have yet to update my wordpress.. even though it takes like 2 seconds.. i shall still wait about a month more till i update..
April 25, 2008 at 1:32 pm
Grrr. I, too, just finished upgrading to 2.5 for all of my sites (due to hackers inserting malware into my php) and each time it took at least 20 minutes for each and I had to redo all the header and footer code and re-ftp the custom header and mess with plugins and some other crap.
Thanks for the info.
April 25, 2008 at 1:28 pm
I upgraded to 2.5.1 in about 2 seconds like Shoe said… auto upgrade plugin FTW!
April 25, 2008 at 1:28 pm
I’ll upgrade right now. How can I change the theme for WP 2.5?
April 25, 2008 at 1:18 pm
it takes 2 seconds
not that difficult
April 25, 2008 at 1:16 pm
I think the interface is great. I personally love to see people/organizations trying to push technological boundaries. I also think wordpress as a platform is an ideal project in which to encompass these new technologies.
April 25, 2008 at 1:14 pm
Sigh… I literally upgraded to 2.5 yesterday. Why is that always the way?
April 25, 2008 at 1:13 pm
OMG… so many bugs.
I should have not upgraded.
I dont like the interface too.