1) re 2.3.3 - Is version 2.3.3 secure? Are there any security issues with this version?

There have been some whispers in the dark so to speak, but no hard evidence that this version is vulnerable, see: http://blogsecurity.net/wordpress/wordpress-231-sql-injection-vulnerability/

2) re 2.5 - Are the 3 security file updates in the 2.5.1 upgrade only for 2.5? Does the security hole that is fixed in 2.5.1 exist in 2.3.3 as well?

No, I believe 2.3.3 is unaffected by some of the recent vulnerabilities in 2.5x.

3) Can I safely assume that if WordPress’s “Hardening WordPress” procedures
http://codex.wordpress.org/Hardening_WordPress

or BlogSecurity.net’s “How to create a secure WordPress install v1.1″
blogsecurity.net/projects/secure-wp-whitepaper.pdf

are applied that ANY version of WordPress would then be secure?

Applying these guidelines would certainly provide additional layers of security buying you time to apply the needed fixes as they are released, however, it cannot guarantee your security.

4) It seems that 2.5.1 only has feature enhancements?
Do I have to go with version 2.5.1 for security reasons?

At the moment a number of people are still using the latest 2.3x branch, however, WordPress does suggest you upgrade to 2.5.1.

Hope this helps.

I have several questions regarding security and version 2.3.3.

1) re 2.3.3 - Is version 2.3.3 secure? Are there any security issues with this version?

2) re 2.5 - Are the 3 security file updates in the 2.5.1 upgrade only for 2.5? Does the security hole that is fixed in 2.5.1 exist in 2.3.3 as well?

3) Can I safely assume that if WordPress’s “Hardening WordPress” procedures
http://codex.wordpress.org/Hardening_WordPress

or BlogSecurity.net’s “How to create a secure WordPress install v1.1″
blogsecurity.net/projects/secure-wp-whitepaper.pdf

are applied that ANY version of WordPress would then be secure?

4) It seems that 2.5.1 only has feature enhancements?
Do I have to go with version 2.5.1 for security reasons?

Will have to take a look at this in more detail.

The plugin will monitor your WP-posts and pages. Whenever an entry has been changed it informs you via email. So if you receive an email and you have nothing changed you should have a closer look at your post or page. Maybe somebody changed your post or page to include a spam-link (e.g. links to OnlineCasino, adult-content are very popular).

The plugin can be downloaded here: http://wordpress.org/extend/plugins/digowatchwp/

Ciao
digo
http://www.showhypnose.org

I can’t think of any immediate security concerns, unless the Gravatars server is actually compromised. If this is done, it means an attacker could perform some rather devious attacks, affecting all blogs using Gravatars.

This plug-in will be available through MyDataIsMyData.org. The plug-in (a small toolbar) allows each user to decide what information they will delete off their computer and what they will make visible as well as alerting them whenever they enter a site that is collaborating with a social network to sell their personal information. Selling private information for profit unbeknownst to the user’s is an abuse of their trust and MyDataIsMyData.org hopes to empower these user’s by allowing them to control the amount of personal information that they make visible.