WordPress security problem tackled
Wednesday 12th August 2009
Developers behind open source custom web hosting platform WordPress have tackled a security problem related to their latest release.
The problem, which revealed that a specially crafted URL could be requested that would allow an attacker to change password details on WordPress 2.8.4, was solved by the team yesterday (August 11th).
According to the WordPress blog, while the issue was unlikely to allow remote access to accounts, it may have been "very annoying".
Matt Mullenweg, the founder of WordPress, said: "We fixed this problem last night and have been testing the fixes and looking for other problems since then.
"Version 2.8.4 which fixes all known problems is now available for download and is highly recommended for all users of WordPress."
WordPress recently announced the retirement of its 2.0.x legacy branch, which was first launched four years ago.
Written by Chris Ball