WordPress 2.8.4: Security Release

WordPress 2.8.4: Security Release

Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

We fixed this problem last night and have been testing the fixes and looking for other problems since then. Version 2.8.4 which fixes all known problems is now available for download and is highly recommended for all users of WordPress.

SiBintang.com sudah update! Anda bila lagi?

Tagged as: admin account, attacker, password reset, remote access, security check, security release, vulnerability, Wordpress, Wordpress 2.8.4

Comments


Name

Email

Website


Notify me of follow-up comments by email.
Notify me of new posts by email.
Threaded commenting powered by Spectacu.la code.
pjan August 15, 2009 at 11:25 am

tak larat aku nak update..rasanya baru update version 2.8.3..lagipun aku rasa wp version 2.8xx ni ada prob sket la..
.-= pjan´s last blog ..H1N1 Menggila dan orang gila. =-.

Reply Link
- Mr.Bintang August 15, 2009 at 11:39 am
  
  Ye ke.. hihi…
  a’ah.. kjap² ade update.. kan?
  Kalau camtu tunggu WordPress 2.9 lak lah… huuuu~ :mrgreen:
  
  Reply Link
teh August 13, 2009 at 5:09 am

ngee~
bakal2..hehe
.-= teh´s last blog ..Pesta Flora Putrajaya =-.

Reply Link
- Mr.Bintang August 14, 2009 at 7:51 pm
  
  :P dah update lum? hihihi..
  
  Reply Link
negaraku.net August 12, 2009 at 6:17 pm

WordPress 2.8.4: Security Release | Aku dan kamu…..

SiBintang.com sudah update! Anda bila lagi?…

WordPress 2.8.4: Security Release

Weekly Most Viewed Posts

Waktu Solat

©2011 All Rights Reserved. SiBintang.com