SilverCircle
Well-known member
See here:
http://en.blog.wordpress.com/2011/04/13/security/
If I had a hosted blog there, I would now change my password. Full root access is a serious thing.
As far as I understand it, the incident only affected wordpress.com where they host their blogs. The WordPress software itself (hosted on wordpress.org) shouldn't be affected but as a precaution, you may refuse from automatically update WordPress and/or plugins until more information about the incident becomes available.
http://en.blog.wordpress.com/2011/04/13/security/
If I had a hosted blog there, I would now change my password. Full root access is a serious thing.
As far as I understand it, the incident only affected wordpress.com where they host their blogs. The WordPress software itself (hosted on wordpress.org) shouldn't be affected but as a precaution, you may refuse from automatically update WordPress and/or plugins until more information about the incident becomes available.