Forums

WordPress › Support » Requests and Feedback

WordPress admin password reset vulnerability in WP <= 2.8.3 (3 posts)

  1. harrism
    Member
    Posted 2 years ago #

    I was recently alerted to this very bad security vulnerability that affects up to and including WP 2.8.3.

    http://lists.grok.org.uk/pipermail/full-disclosure/2009-August/070137.html

    Is there a fix in the works?

    Mark

  2. harrism
    Member
    Posted 2 years ago #

    I see there's a fix in WP trac:
    http://core.trac.wordpress.org/changeset/11798

    Hopefully they release a 2.8.4 ASAP.

    Mark

  3. spidermann
    Member
    Posted 2 years ago #

    supposed do it yourself fix:

    http://www.programmerfish.com/fix-wordpress-admin-password-reset-exploit/

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags