WordPress updated to 2.6.2 (#)

WordPress has been updated to version 2.6.2 following a warning from Stefan Esser about a possible security vulnerability. For blogs with open user registration, a hacker could craft a username to allow resetting another user’s password to a random password. The new password is not disclosed to the hacker, but other another vulnerability helps disclose the password.

As usual, WordPress team recommends upgrading. A handful of other fixes are also included in this upgrade (see changed files).

September 9th, 2008

« Previous post: Interview with a top Digg user; Fun search to to find the suspect
Next post: Create dynamic WordPress sidebars using conditional tags »
Leave a Reply

Note: Comments will be approved by an administrator before publishing, so your comment will not appear immediately. Please be patient and do not re-submit it.