WP security bug
There's a pretty serious security bug with WP 1.2.1 (and the current 1.3 alpha), one that can make it so your blog is basically unusable (not permanently, as far as I can tell) but still - if you're using WordPress you should probably make this change.
In any case, here is how you fix the problem. It's a very easy fix. If you can search for text on a page, you can fix this problem.
I hesitated posting this, because I don't want to "start a panic" - nor do I want to give instructions on how to hack WP blogs. But I do think it's important that people go ahead and make this change.
[brought to my attention by Christine]
December 8th, 2004 at 12:44 am
Thanks for the heads up
December 8th, 2004 at 2:06 am
If something goes wrong, it can be fixed and usuable again; it requires knowledge of PHPMyAdmin to go into the database to fix the URL. Then everything should work again just fine.
December 8th, 2004 at 4:26 am
This isn't a severe site breach, so I don't have a problem with notifying everyone. If this were a more serious bug, then I'd use caution. But all it really does it make your site ugly and quasi-functional, and there is no loss of data.
December 8th, 2004 at 4:42 pm
December 9th, 2004 at 6:59 pm
Just saw that scriptygoddess posted about it, too. I first read about the bug in this post, but didn't think much of it. Until three days later my site was broken. I grepped through the log file to see what had happened, and found the guy who did it. …