DarkFiber Consulting – IT Managed Services

WordPress Releases Version 2.6.2

September 9th, 2008 . by DarkFiber Consulting

WordPress has released version 2.6.2 to address multiple vulnerabilities. These vulnerabilities are due to SQL column truncation and weaknesses in random number generation. Combined, these vulnerabilities may allow an attacker to reset a user’s password and possibly predict the newly generated password. Exploitation of these vulnerabilities could permit an attacker to gain access to a system running WordPress with open registration enabled under the context of a legitimate user.

DarkFiber Consulting encourages users to review the WordPress Blog entry related to these issues and upgrade to version 2.6.2 as necessary.