By DrDave:
If you are running WordPress as your blogging platform and if you have been trusting enough to leave User registration enabled for guests, DISABLE IT IMMEDIATELY (in wp-admin >> options: make sure “Anyone can register” is not checked).
Thanks Jona.
The Code Cave
[…] Thanks to some drastic and controversial actions taken by SpamKarma creator Dr. Dave, a large percentage of the blogging populace has been alerted to a security hole in WordPress. He even went to the effort of activating a warning message that was sent out to everyone who uses his SK2 plugin. This has resulted in a lot of fear spreading amoung a huge number of bloggers. This sort of thing just spreads exponentialy. Here’s a quasi random sampling of two dozen of the first posts on it: ………………….. And these were just from the English blogs that post about this on the same day as the notice going out. The neat thing is that these are some of the most on-top-of-things bloggers out there. Those 24 blogs have some great content and gread visual styles. The are well worth perusing… […]