WordPress blog operators - Heads Up!
Posted by: rlparker
Posted on: 2008-01-25 17:54:00
While I generally prefer *not* to publicize exploitable weaknesses in web applications, there are times when such a weakness is already public, and no additional harm is likely to come from discussing it and encouraging others to apply the appropriate "fix".
Such is the case, I believe, with one WordPress plugin for managing permalinks: Dean's Permalilnks Migration Plugin version 1.0
If you are running this plugin on your WordPress site, you really *do* need to address the recently exposed issue discussed on the Weblog Tools Collection blog.
A "fixed" version of the plugin that addresses the problem is reportedly available via a link in the article referenced above.
--rlparker