WordPress 2.8.4 – Security Release

Am impresia ca cei care dezvolta WordPress, au inceput sa se grabeasca. In ultima luna, cred ca au fost peste trei versiuni de WordPress.
Ultima versiune, WordPress 2.8.4 (12 August 2009), fixeaza o problema de securitate.

Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

Instalati cu incredere…pana saptamana viitoare cred ca mai apar doua versiuni.