January 8, 2007

Wordpress Unspecified Vulnerability

Secunia is reporting that an unspecified vulnerability has been found in Wordpress. This, along with a user account enumeration weakness, is the latest security issue to affect the highly popular open-source blogging platform.

The unspecified vulnerability affects all versions prior to 2.0.6 whereas the user account enumeration weakness has been confirmed to only affect 2.0.5. Other releases may be affected but have yet to be validated.

In order to mitigate these issues it is highly recommended that users upgrade to Wordpress 2.0.6. It is always recommended to upgrade when critical security issues are located in products that are currently in use.

Subscribe, Trackback or Bookmark?

5 Comments on “Wordpress Unspecified Vulnerability”

Comments

1 Vince (attila) Jan 8th, 2007, at 10:43:42

I’ve upgraded… always gotta have the latest WP :P

2 ~Aukon Jan 10th, 2007, at 01:07:30

Thanks for the heads up!

3 Simon Jan 14th, 2007, at 19:32:04

I upgraded and it broke my wordpress :(

4 Scott Jan 14th, 2007, at 21:14:41

Simon: How did it break your Wordpress? Like, what is not working which used to work?

Trackbacks

5 jarkolicious :: WordPress 2.0.7 Released Jan 17th, 2007, at 15:37:48

[...] PHP that may cause security vulnerabilities. Wordpress 2.0.7 also comes packaged with fixes for the previously reported unspecified [...]