WordPress 1.5.2 is out and includes an important fix to an important security bug. If you don’t upgrade then make sure you follow the instructions at the support site for a temporary fix until you do an upgrade (which I’ll do on my other site on Monday)
Update My test site is now upgraded (I forgot to disable the blacklist plugin first though (again)). I just have to do the installation on my uniform server too, but as that is not available on the internet there is no rush.
Comments
Yea, it didn’t take long for some script kiddie to have fun with my site and hack it. The hack registers a user then promotes the user to level 9. After that, he apparently had access to all of the admin features he needed and had a field day with the site.
He didn’t do any damage really, but it just drove home the fact that I really don’t want to blog anymore.
Also, wasn’t it possible to upload the files to the site via “AUTO” instead of “Binary”. I couldn’t get the upgrade to work until I sent the files in binary mode. Ah well.