Found this article:
David Kierznowski of Operation n has discovered a serious flaw in the Akismet anti-spam plugin that comes by default with the latest version of WordPress (2.1.3).
It has not been confirmed as yet, but I believe this will affect all versions of the plugin. The vendor has been notified, and more information regarding the vulnerability will be released when a suitable fix has been released.
I know it's painful, but it's recommended that you disable the Akismet plugin immediately.
The vendor was notified: 14/05/07
Response received: 14/05/07
Fix received: 14/05/07
The Akismet v2.0.2 Download upgrade has been made to address these issues and may be downloaded here.
But I have a bad feeling about this.
Is this really true? Or am I then making my system vulnerable by disabling the Akismet plugin and downloading the mentioned version?
Because I cannot find any message on the Akismet blog/site about it, or on the WordPress blog. Can someone please clarify?
No links included in here, but the original article is here
Looks like it got fixed the same day it was pointed out to them. I’d just make sure you upgrade.
Check on the Akismet site to see if the version you now download is an updated one from that day; otherwise you could be right, it might be a scam to get you to download a dodgy version. Unless the download link they give takes you to Akismet?
It actually takes you to http://dev.wp-plugins.org/browser/akismet
- The topic ‘WordPress 2.1.3 Akismet Vulnerability’ is closed to new replies.