I noticed several posts last night stating that Wordpress 2.1.1 had an exploit in ir as a cracker had somehow gained access to on of the Wordpress servers and had modified two files so that he or she could remotely execute PHP code on any Wordpress powered site. The cracker apparently only modified the Wordpress 2.1.1 download files and as far as the Development team can tell has not gained access to code repository.
I’m really glad this intrusion was caught and really speaks for the openness of the Open Source Community. I have upgraded my site an my brother’s site to version 2.1.2 so that my new server stays safe. If you haven’t upgraded th 2.1.2 I really suggest that you do so quickly as we do not know exactly when the code was modified so you could be at risk!
If your curious read the announcement here” from the Official Wordpress Development Blog.
0 Responses to “Wordpress 2.1.2”