Ah it’s WordPress again, sometimes I wonder how many holes there are in WordPress. I guess a dedicated attacker could find some serious ones with the complexity of the code base.
It’s suspected some of the recent high profile breaches have come from WordPress exploits.
The latest one to become public is a simple but effective flaw, it doesn’t enable take-over but it does allow a prankster to lock an admin out of their blog by resetting the password.
Read the rest of WordPress 2.8.3 Admin Reset Exploit now! Only available at Darknet.