Wordpress Security Release: Wordpress 2.8.4 — Mad Tomatoes

WordPress Security Release: WordPress 2.8.4

If you are not running WordPress 2.8.4, your site is vulnerable!  smbutton-blue WordPress 2.8.4 has been released to fix huge a security hole.  This is the vulnerability that was discovered:

A specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying. /src

If you’ve been thinking about upgrading but haven’t gotten around to it yet, now would be a really good time.  WordPress 2.8.4 is highly recommended for all users of WordPress as this version is a security release which fixes all known problems. Available for download here.

2 thoughts on “WordPress Security Release: WordPress 2.8.4”

Comments

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll Up