Urgent Security Fix, Please Update Now!

This article is deprecated! Any technical information refers to software versions that are now obsolete. Please visit the DIYthemes Blog for current updates, or check out the old Thesis Blog for a treasure trove of website marketing insights.

Update: This security fix has been resolved on September 11th, 2008. If you downloaded and installed Thesis after that date, you’re good to go.

Yesterday evening, I learned that Thesis had a security vulnerability on search results pages that could potentially give would-be hackers an entry point into your WordPress installation. Fortunately, the fix is extremely simple, and it’s available now.

For the record, all future Thesis theme downloads will include this vulnerability fix, so if you download the entire package after the time this article was posted, you won’t have to worry about instituting the fix yourself.

All versions of Thesis are affected by this security vulnerability.