Why You Should Upgrade Your WordPress to Version 2.2.1

Posted on 28th June, 2007

If you are running WordPress 2.2, it’s mandatory to upgrade to the latest version 2.2.1.

The WordPress community has identified and fixed several bugs and the result is a more stable and polished version 2.2.1.

However, the bugs fix would probably not the main reason why you should upgrade, the latest release also addresses several security issues that allows attacker to take full control of your blog. I’ve seen this happened to a blog recently.

The following vulnerabilities have been addressed in version 2.2.1


Remote SQL injection in XML-RPC
This only affects blogs running WordPress version 2.2 that allow registration or blogs that have registered members. This exploit relies on existing account to perform SQL injection. You can temporarily disable this vulnerability by disabling registration on your blog. To do so, go to Options > General and remove the check mark from “Anyone can register”.

Remote shell injection in PHPMailer
Those using Sendmail to send emails from their blog is vulnerable to this exploit.

Complete updates, changes and fixes addressed in the latest version can be found here.

OK, I know I haven’t upgraded Sabahan.com to the latest version but seriously I will do it today. I have upgraded almost all of my other blogs to the latest version.

While running the upgrade for one of my blogs with WordPress 2.2, I just uploaded the new core system files and overwrite the old files. When I ran the upgrade.php script, it told me that no database changes were required. I didn’t even deactivate my plugins.

The blogs seems to be working fine after the upgrade. Nonetheless, I recommend you to follow the recommended upgrade procedure. It goes without saying that you need to do a backup before performing any upgrade.


An engineer by training, Victor has been working full-time online as an Internet marketer, a programmer and an app developer since 2001. He has been blogging at Sabahan.com since 2006 sharing his experience and teaching people how to make money online. Click here to join his private Facebook Group for bloggers.

  • komirad says:

    Easy update from fantastico! ONE CLICK!

  • dotnetnuke says:

    Thats funny, he tells people to update but he forgots himself lol.

  • Wahlau.NET says:

    haha…really….this is funny

    it is good that my is updated

  • IZDotCom says:

    hongkiat.com was also hacked because he didn’t patch his WP (although he reminded everyone to do so few days earlier) 😛

  • papajoneh says:

    Done on the first day 🙂

  • Kay Kastum says:

    WordPress rocks!

  • >
    Scroll Up

    Sign Up Below... For Tips and Tools to Help You Build a Better Blog

    >> Sign Up Now and get access to:

    • chevron-circle-right
      The exact methods I use to make money
    • chevron-circle-right
      Resources to increase traffic to your blog
    • chevron-circle-right
      The latest updates from Sabahan.com

    We hate spam. Unsubscribe anytime.