WP 2.2.1 Is A REQUIRED Upgrade
Security Issues Found in WP 2.2 Requires Your Immediate Attention
I was going to save this announcement for Friday, but I soon came to realize that WP V.2.2.1 is not simply a minor tweaking of the blog platform — if your blog is currently running WP 2.2, then you need to make the upgrade to 2.2.1 ASAP.
Three Security Issues
As reported on the WordPress development page, the following vulnerabilities have been detected in v.2.2 and corrected with the latest update:
- Remote shell injection in PHPMailer
- Remote SQL injection in XML-RPC Discovered by Alexander Concha.
- Unescaped attribute in default theme
I haven’t updated this blog past WP 2.1.3 as of yet, but I do have four other WordPress blogs that run WP 2.2 and will need my immediate attention.
Gee, guess what I’ll be working on today? You got it! 
[...] released a new update last night and as I reported elsewhere, it is a required upgrade. Yes, 2.2.1 addresses some widget and other issues related to v.2.2 but [...]
Wow! I love your new template.
I was just headed over here to see what was new on your site when I saw the aquarium.
I love fish, they are so peaceful.
Thanks, Laura. As you might guess, it is called Aquarium. My last theme developed a problem, so I decided to swap it out. Hopefully, the fixed width of this theme won’t present much of a problem when viewed with various browsers.</i>
Thanks for the WordPress 2.2.1 upgrade info. I haven’t upgraded yet, but will as soon as I can.
With each update I worry if this is the one that will break my template