Mar 2 2007
Just a few days after the WordPress 2.11 update was released, another update has been issued. This time its a fix to a security exploit written into the software by a cracker. WordPress was modified in 2 areas which would have allowed remote execution of code.
This exploit only affects those who made the upgrade to 2.11. If you didn’t upgrade, there is nothing to be concerned with. You should make the upgrade to 2.12 anyways because it does deal with bugs found in previous versions.
It’s unfortunate that a cracker managed to bypass WordPress’ security, but these things happen. Fortunately, the WordPress developers caught it early and fixed the problem.