Subscribe to RSS

WordPress 2.8.4 Released

WordPress 2.8.4 Released

Written by

Earlier today, WordPress 2.8.4 was released.

The release is a security update, which primarily fixes one particular bug:

Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.

Leave a Comment

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

PRIVACY POLICY: Your privacy is important to us. We will never sell or rent your email address and you can unsubscribe at any time.