Important security announcement affecting ALL WordPress users!
July 27th, 2006
If you are running WordPress then you need to disable the Anyone can register (under Options in the admin panel) feature immediately!
At the same time, disable any suspicious guest accounts that might have been created (again, from the admin control panel, under Users > Authors & Users).
Deleting users in WordPress 1.5
Deleting users in WordPress 2.0
The reason for this is that a vulnerability has been discovered in WordPress that could allow hackers to cause some serious damage to your WordPress blog is you leave this feature activated.
More details here.
This entry was posted on Thursday, July 27th, 2006 at 01:13 and is filed under In the News, Stay Secure. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.
July 28th, 2006 at 04:34
[...] Thanks to some drastic and controversial actions taken by SpamKarma creator Dr. Dave, a large percentage of the blogging populace has been alerted to a security hole in WordPress. He even went to the effort of activating a warning message that was sent out to everyone who uses his SK2 plugin. This has resulted in a lot of fear spreading amoung a huge number of bloggers. This sort of thing just spreads exponentialy. Here’s a quasi random sampling of two dozen of the first posts on it: ....................... And these were just from the English blogs that post about this on the same day as the notice going out. The neat thing is that these are some of the most on-top-of-things bloggers out there. Those 24 blogs have some great content and gread visual styles. The are well worth perusing… [...]