Category Archives: wordpress

WordPress <= 2.8.3 Reset Admin Password Vulnerability

An exploit has been released for all current versions of WordPress including WordPress <= 2.8.3. Laurent Gaffié who published the finding says: An attacker could exploit this vulnerability to compromise the admin account of any wordpress/wordpress-mu <= 2.8.3 From what I can tell the vulnerability allows an attacker to reset the admin user account without having a… Read More »