News

WordPress 2.8.3 Admin Reset Password Issue

Hello Dear Friends,

A security hole was found in the WordPress 2.8.3 version and all the previous versions. First of all, I’f you haven’t already updated to 2.8.4, you better do it NOW

The Problem

Basically in order to reset your WordPress password, you click on “Forgot Your Password” and you add your details (if you know them). Someone found a way to immediately reset the password without even adding any of the key values.

The code used to do this is:

http://www.domainname.com/wp-login.php?action=rp&key[]=

You simply change the domainname.com with the one you want to reset and VOILA .. Check your email for confirmation
The Solution

There is already a solution provided officially by WordPress so all you have to do is update to the latest version (2.8.4)

Conclusion

This doesn’t hurt you at all, its more something which annoys you (because you wont be able to login with your old password) and all you have to do is login with the new password provided and change it back to your old password or a new more secure password

Regards

Olgi

Olgi Zenullari
A digital marketer / entrepreneur with a SEO obsession. This is my personal blog where I love sharing with you tips about online marketing, link building, blogging and making money online!
You may also like
Success.GrownUpGeek – 3rd Blog of The Week Winner
Bing Link Explorer is here!
no content