
WordPress 2.8.4 Security Release : Fixes Remote Password Reset Vulnerability


I’ve read about a WordPress vulnerability in which a specially crafted URL like the one below could allow a remote password reset, bypassing the security check that verifies a user requested a password reset, with the new password sent to the email id provided by the unknown user, leaving you locked out of your own blog’s login.

http://www.domain.com/wp-login.php?action=lostpassword


WordPress 2.8.4 fixes this problem, and updating to WordPress 2.8.4 immediately is highly recommended to prevent such an attack. This does not allow remote access, though, unless your blog’s only user is admin, which is commonly used.
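
To find installs that still predate the fix, the following added example (not from the original post or from WordPress) reads `$wp_version` from each `wp-includes/version.php` under a directory and flags anything older than 2.8.4. The function names are hypothetical, and treating 2.8.4 pre-release builds as unpatched is a conservative assumption.

```python
import os
import re

FIXED = (2, 8, 4)  # release the post says fixes the password reset bug

# Matches the assignment in wp-includes/version.php, e.g. $wp_version = '2.8.3';
_VERSION_RE = re.compile(r"""\$wp_version\s*=\s*['"]([^'"]+)['"]""")


def parse_wp_version(php_source):
    """Return the $wp_version string from version.php contents, or None."""
    m = _VERSION_RE.search(php_source)
    return m.group(1) if m else None


def version_tuple(version):
    """Turn '2.8', '2.8.3' or '2.8.4-beta1' into a 3-part integer tuple."""
    numeric = re.match(r"\d+(?:\.\d+)*", version)
    if not numeric:
        raise ValueError("unrecognised version: %r" % version)
    parts = [int(p) for p in numeric.group(0).split(".")][:3]
    return tuple(parts + [0] * (3 - len(parts)))


def needs_update(version):
    """True when the install predates 2.8.4 (assumption: pre-releases count too)."""
    base = version_tuple(version)
    is_prerelease = "-" in version
    return base < FIXED or (base == FIXED and is_prerelease)


def audit(root):
    """Walk root and return {install_dir: (version, needs_update)}."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        if os.path.basename(dirpath) == "wp-includes" and "version.php" in files:
            with open(os.path.join(dirpath, "version.php"), errors="replace") as fh:
                version = parse_wp_version(fh.read())
            if version:
                report[os.path.dirname(dirpath)] = (version, needs_update(version))
    return report


if __name__ == "__main__":
    import sys
    for path, (ver, stale) in sorted(audit(sys.argv[1] if len(sys.argv) > 1 else ".").items()):
        print("%-50s %-12s %s" % (path, ver, "UPDATE" if stale else "ok"))
```

Run it with the web root as the only argument; each WordPress directory found is listed with its version and either `UPDATE` or `ok`.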

Source : GHacks & WordPress Blog.


Posted on 12th August 2009 by Avinash under category NEWS, WordPress

