建议大家尽快升级wordpress到2.8.4,因为wordpress 2.8.4 修复了一处可能造成管理员密码泄露的安全漏洞。
wordpress官方介绍如下:
Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.
