I’ve checked a few blogs, and some of you are not running the latest version of WP which is
There IS a security issue with previous versions. It has been reported in the forums so there will be people out there trying these exploits. Upgrade your blog!

  • Upgrade to
  • Then delete the following files:install.php, install-helper.php, upgrade.php, upgrade-schema.php
  • Install IOError’s Bad Behavior plugin
  • And while you are there, make sure your login password is a good one. Make it at least 8 characters and a mix of numbers, lower-case and upper-case letters. If you have other members with admin priviledges, nag them too about this.
  • If you are okay doing in phpMyAdmin, you should change your ‘table_prefix’. It’s set in the wp-config file and if you just change it there you will get an error so you need to change all of them in the database.

10 thoughts on “Upgrade!

  1. Pingback: Development Blog
  2. Pingback: Peter Westwood
  3. Hello Mark
    I looked for these files and can’t find them, Some kind person must have done it for me ;)?
    I read somewhere that there was no need to do a full update to Instead just copy over a line of code. Damn if I can remember who’s blog I got it from ? However it did not change the version number to
    I saved the line of code but erm can’t find it now. Did anyone else do this ?
    Bad behaviour was done last week and stop comment spam dead.

    spell check gone wonky Mark

  4. follow up to my previous post. I found the manual fix which is as follows; here is the link

    Please note this does not update the version number to it just stays as

    1. Open the wp-includes/template-functions-category.php file in a text editor like Wordpad.
    2. Go to around line 103 where it says get_the_category_by_ID.
    3. Create a new line after that and paste in $cat_ID = (int) $cat_ID;

  5. That IS the security fix yes, though there was a glitch or two elsewhere fixed I think, so a full upgrade is what I would recommend.

    As it stands, with a single line of code someone can fully access your site.

Leave a Reply

Your email address will not be published. Required fields are marked *