Updates for WordPress and XOOPS

Yes, WordPress and XOOPS are two completely separate projects, but they do have at least one thing in common. Both Web applications were updated this past week to address known security vulnerabilities.

WordPress 2.3.2 was released to fix some very significant security bugs. The release addresses an exploit that can be used to expose your draft posts. WordPress 2.3.2 also "suppresses some error messages that can give away information about your database table structure and limits and stops some information leaks in the XML-RPC and APP implementations".

There is one new feature included with WordPress 2.3.2: this version allows you to define a custom database error page.

XOOPS 2.0.18 was released mainly as a security fix release. Some of the significant changes include:

  • Added sanitizing to integer parameters before being used in database query to avoid SQL injection
  • Added sanitizing to XOOPS form elements to avoid XSS
  • Added theme "zetagenesis" as experimental step towards XOOPS 3.0 theme engine
  • Improved permission check in comments

So if you want to start 2008 in a very secure way, spend this last day in 2007 downloading the latest versions of WordPress and XOOPS and begin updating your sites. Most likely, it will be time (less than an hour, right?) well spent.