WordPress Philippines

WordPress 2.6.2

By: Sophia Lucero | September 9, 2008 | Leave a Comment

WordPress 2.6.2 is a security release which tackles problems with SQL Column Truncation and mt_rand().

Since WordPress 2.6.1 was an optional update—first time in the history of WordPress—is WP 2.6.2 the same way? Here’s the answer:

If you allow open registration on your blog, you should definitely upgrade. With open registration enabled, it is possible in WordPress versions 2.6.1 and earlier to craft a username such that it will allow resetting another user’s password to a randomly generated password.

The dev blog also notes that this vulnerability is also applicable to other PHP-based applications.

Aside from security fixes, WP 2.6.2 contains a number of bug fixes as well.

Download WordPress 2.6.2 now.

Related Posts

• WordPress 2.6.1 Beta 2
• WordPress 2.6.1
• WordPress.com blogs DOS attacked
• WordPress Plugin: WordPress Exploit Scanner
• WordPress MU 2.6.1

Tags: bug, password, registration, security, username, wordpress, wordpress 2.6.1, wordpress 2.6.2