You are here: Portal Home > Announcements > Wordpress Installations Upgraded to 2.8.4
Wordpress Installations Upgraded to 2.8.4
08/13/2009 06:36
Due to an urgent security update released for Wordpress, all installations installed via the Installatron interface have been upgraded to the latest 2.8.4 version.
From Wordpress.org:
Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying. We fixed this problem last night and have been testing the fixes and looking for other problems since then. Version 2.8.4 which fixes all known problems is now available for download and is highly recommended for all users of WordPress. If you have any custom installs of Wordpress, we highly recommend upgrading to the latest 2.8.4 version. If you need any assistance with your upgrade, feel free to submit a support ticket and we will help out in any way we can.
