Dr Dave says there is a sploit for Wordpress out there
According to Dr Dave, the celebrated creator of Spam Karma, there is a serious vulnerability in current versions of Wordpress. He says that to be safe, you should make sure that Options -> General -> Anyone can register is unchecked. My feeling is that this has something to do with the upcoming Wordpress 2.0.4 release, which was mentioned on June 29th but has not yet been finalized.
Considering the history of egregious security issues in Wordpress (at one point a year ago, Gentoo had even package-masked it because of the Wordpress devs’ lax security attitude), I would take Dr Dave’s warning very seriously.
July 28th, 2006 at 0:34
[…] Thanks to some drastic and controversial actions taken by SpamKarma creator Dr. Dave, a large percentage of the blogging populace has been alerted to a security hole in WordPress. He even went to the effort of activating a warning message that was sent out to everyone who uses his SK2 plugin. This has resulted in a lot of fear spreading amoung a huge number of bloggers. This sort of thing just spreads exponentialy. Here’s a quasi random sampling of two dozen of the first posts on it: ………………….. And these were just from the English blogs that post about this on the same day as the notice going out. The neat thing is that these are some of the most on-top-of-things bloggers out there. Those 24 blogs have some great content and gread visual styles. The are well worth perusing… […]