Hello WordPress Lovers,
According to Dr. Dave a grave security exploit has been found in all versions of WordPress.
If you are running WordPress as your blogging platform and if you have been trusting enough to leave User registration enabled for guests, DISABLE IT IMMEDIATELY (in wp-admin > options: make sure “Anyone can register” is not checked).
WordPress 2.0.4 has been released which fixes this security issue:
WordPress 2.0.4, the latest stable release in our Duke series, is available for immediate download. This release contains several important security fixes, so it’s highly recommended for all users. We’ve also rolled in a number of bug fixes (over 50!), so it’s a pretty solid release across the board.
Tags: security, exploit, blogging, User registration, guests, DISABLE, Anyone can register, WordPress 2.0.4, latest, stable release, Duke series, download, security fixes, bug fixes, solid release, WordPress