WordPress blog operators - Heads Up!



While I generally prefer not to publicize exploitable weaknesses in web applications, there are times when such a weakness is already public, and no additional harm is likely to come from discussing it and encouraging others to apply the appropriate “fix”.

Such is the case, I believe, with one WordPress plugin for managing permalinks: Dean’s Permalilnks Migration Plugin version 1.0

If you are running this plugin on your WordPress site, you really do need to address the recently exposed issue discussed on the Weblog Tools Collection blog.

A “fixed” version of the plugin that addresses the problem is reportedly available via a link in the article referenced above.