Aug
12

WordPress 2.8.4

I have upgraded to WordPress 2.8.4, because yesterday a vulnerability was discovered by the WordPress team: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

Version 2.8.4 seems to fix all known problems and is highly recommended for all users of WordPress.

Chess playng
Chess playing by Malkolm – Bust it Away Photography

RedditFacebookStumbleuponDiggDel.icio.us WordPress Subscribe to RSS feed

One Response to “WordPress 2.8.4”

  1. Chess Teacher
    October 25th, 2009 at 3:55 pm

    At the moment I am using WordPress 2.8.5, but I won’t always write a special post about the upgrading.

Leave a Reply

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>