[resolved] WordPress 2.1.3 Akismet Vulnerability (5 posts)

  1. ernohannink
    Posted 9 years ago #

    Found this article:
    David Kierznowski of Operation n has discovered a serious flaw in the Akismet anti-spam plugin that comes by default with the latest version of WordPress (2.1.3).

    It has not been confirmed as yet, but I believe this will affect all versions of the plugin. The vendor has been notified, and more information regarding the vulnerability will be released when a suitable fix has been released.

    I know its painful, but its recommended that you disable the Akismet plugin immediately.

    The vendor was notified: 14/05/07
    Response received: 14/05/07
    Fix received: 14/05/07

    The Akismet v2.0.2 Download upgrade has been made to address these issues and may be downloaded here.

    But I have a bad feeling about this.
    Is this really true? Or am I then making my system vulnerable by disabling the Akismet plugin? And downloading the mentioned version.

    Because I can not find any message on the Akismet blog/site about it, or on the WordPress blog. Can someone please clarify.
    Thank you.

    No links included in here, but the original article is here

  2. drmike
    Posted 9 years ago #

    Looks like it got fixed the same day it was pointed out to them. I'd just make sure you upgrade.

  3. Alex Cragg
    Posted 9 years ago #

    check on the akismet site to see if the version you now download is an updated one from that day, otherwise you could be right, it might be a scam to get you to download a dodgy version. Unless the download link they give takes you to akismet?

  4. ernohannink
    Posted 9 years ago #

  5. ernohannink
    Posted 9 years ago #

    I have noticed that Akistmet has updated their file. When you download you will receive the version of May 14. Also in the new WordPress 2.2, this version is included.

Topic Closed

This topic has been closed to new replies.

About this Topic