WordPress 2.8.4 Security Release available


1 min read
WordPress 2.8.4 Security Release available

In reponse to a security threat that allowed potential attackers to bypass a security check to verify a user requested a password reset, the WordPress team has announced a new release.

WordPress 2.8.4 is a security update to address this threat and keep the popular open source blog software free of security risks.

From the release:

“Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

We fixed this problem last night and have been testing the fixes and looking for other problems since then. Version 2.8.4 which fixes all known problems is now available for download and is highly recommended for all users of WordPress.”


Ektron 2009 All Star Award Winning Web sites Announced
Previous article

Ektron 2009 All Star Award Winning Web sites Announced

Ektron Inc., a technology and market leader in Web content management software, today announced the 2009 Ektron All Star Award winners. Award recipients were selected

Help test MovableType 5
Next article

Help test MovableType 5

MovableType 5 is available for beta testing from the movabletype.org website. We strongly encourage you to help them test it out if you have


GO TOP

🎉 You've successfully subscribed to CMS Critic!
OK