WordPress 2.8.4 Released

Written by Kevin on 12 August, 2009 | Posted in - WordPress News

WordPress have released 2.8.4 to address a security issue. Seems like hackers could have caused a lot of problems with this.

Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

If you are using 2.7+ then you should be able to update WordPress directly from your admin area. If you are using an older version, I recommend downloading and installing the latest release.

Better safe than sorry!

Kevin

Tweet This Post

No Responses so far | Have Your Say!

Categories
Recent Posts
Follow Us @BlogThemesClub
- Upgrades to Invictus and Profectus: Further to my post at the start of the week about upgrades to Anima and Kron.. http://bit.ly/xabzc 2009-08-23
- Enrich your blog posts with Insights: Jonathan Soroko from Wordpress Blue emailed me about his favourite must ha.. http://bit.ly/djoDY 2009-08-20
- Change The Color Of Your Blog With WP Chameleon: One of the reasons WordPress is so widely used is because of ho.. http://bit.ly/h2E6X 2009-08-18
- More updates...
Archives
Top Commentators
- No commentators.
Stats

WordPress 2.8.4 Released

No Responses so far | Have Your Say!

Leave a Comment

Categories

Recent Posts

Follow Us @BlogThemesClub

Archives

Top Commentators

Stats