Register

The Most Active and Friendliest
Affiliate Marketing Community Online!

Register
“AdsEmpire”/  Direct Affiliate

WordPress 2.84 fixes Reset Admin Password Vulnerability

D

djbaxter

Guest
WordPress <= 2.8.3 Reset Admin Password Vulnerability
by DK
August 11, 2009

An exploit has been released for all current versions of WordPress including WordPress <= 2.8.3.

Laurent Gaffi? who published the finding says:

An attacker could exploit this vulnerability to compromise the admin
account of any wordpress/wordpress-mu <= 2.8.3
From what I can tell the vulnerability allows an attacker to reset the admin user account without having a valid email address. This could certainly be used in a denial of service vulnerability, locking an admin out their site by continually changing the password.
Click to expand...

...more

Upgrade to WordPress 2.84 either automatically via your Admin Control Panel or download and manually install WordPress 2.84 here.
 
Wow, that's scary. I will upgrade right away.
I doesn't sound good that some p**ck could compromise all my hard work.

Thanks for the info.
 

Similar threads

Drayce
  • Question
Seeking Help Wordpress Contact Form 7 with dr cash API application
Replies
4
Views
1K
Drayce
Drayce
Graybeard
JSON-feed API on your WordPress site!
Replies
0
Views
1K
Graybeard
Graybeard
thomas1957
Wordpress tutorials
Replies
10
Views
912
Honeybadger
Honeybadger
IM_Newbie
[GIVEAWAY] WordPress Theme or Plugin!
Replies
1
Views
783
Bezos
B
D
Is this true or common that offers or campaigns reset after like a month?
Replies
1
Views
661
Graybeard
Graybeard
MI
Back