If you weren’t already aware, the gang at WordPress just shipped a pretty critical security update. In fact, it’s kind of a big deal. So much so that I went around and patched all my sites the second their update on the matter hit my phone.
Since I’ve put a lot of energy into helping folks recover their hacked sites as of late, I figured I’d draw up a quick Twitter PSA for a few of my friends who make a living thru their WP sites:
You *really* need to upgrade the copy of WordPress on your blog when you get a chance. Go to “Dashboard > Updates” in wp-admin to run one.
After sending that out as a direct message a handful of times, I figured that some of the other nerds out there might appreciate having that too. So here it is — free to use it as you see fit!
P.S. Should you not know how to check the version number on a friend’s WordPress site you can normally locate it using one of two methods:
- Use view source in your browser and then do a find for “generator”. That should show you the meta tag that WordPress inserts into the page for usage metrics and such.
- Add “readme.html” to the end of the blog URL. This doesn’t always work, but most folks leave the WordPress ReadMe file (which contains WP’s version number) in place.