Wednesday, February 6, 2008

WordPress blogs vulnerable to attack


WordPress developers have released an "urgent" security update to the widely used blog publishing tool to address a flaw that could allow unauthorised users to edit other users' blog posts.
Less serious bugs have also surfaced in two WordPress add-ons, the WP-Forum plugin and the multi-user version of WordPress, WordPress MU.
WordPress is currently one of the most popular blog publishing systems, and is widely used by large organisations.
The WordPress update, version 2.3.3, addresses a bug in WordPress' XML-RPC implementation, developers said.
"If you have registration enabled... a specially crafted request would allow a user to edit posts of other users on that blog," said a WordPress spokesman on the software's website.
Users can download the fixed application directly, or the patched version of xmlrpc.php on its own.
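To show the class of bug described above, here is an added example written for this page; it is not WordPress's own xmlrpc.php and runs without WordPress. It implements a simplified `metaWeblog.editPost`-style method twice: the vulnerable version authenticates the caller and checks only the account-level `edit_posts` capability, so any self-registered user can overwrite another author's post; the fixed version also checks that the caller owns the specific post or holds `edit_others_posts`. The accounts, the post store and the request are constructed sample data, and the capability names are used here only as labels.

```python
"""Object-level authorization on an XML-RPC editPost call.

Constructed example for this page, not WordPress code. Two handlers for a
metaWeblog.editPost-style method: one with only an account-level capability
check, one that also checks who may edit the specific post.
"""
from dataclasses import dataclass, field
from xmlrpc.client import Fault, dumps, loads


@dataclass
class Post:
    post_id: int
    author: str
    content: str


@dataclass
class User:
    name: str
    password: str
    capabilities: set = field(default_factory=set)


# Constructed sample accounts: with open registration "mallory" simply signed
# up; "alice" wrote post 1; "admin" may edit anyone's posts.
USERS = {
    "alice": User("alice", "alice-pw", {"edit_posts"}),
    "mallory": User("mallory", "mallory-pw", {"edit_posts"}),
    "admin": User("admin", "admin-pw", {"edit_posts", "edit_others_posts"}),
}


def make_posts():
    """Fresh copy of the constructed post store for each scenario."""
    return {1: Post(1, "alice", "original text")}


def authenticate(username, password):
    """Credential check shared by both handlers; XML-RPC fault on failure."""
    user = USERS.get(username)
    if user is None or user.password != password:
        raise Fault(403, "Bad login/pass combination.")
    return user


def edit_post_vulnerable(posts, post_id, username, password, new_content):
    """Authenticates, then checks only an account-level capability."""
    user = authenticate(username, password)
    post = posts.get(post_id)
    if post is None:
        raise Fault(404, "Invalid post ID.")
    if "edit_posts" not in user.capabilities:
        raise Fault(401, "Sorry, you cannot edit posts.")
    post.content = new_content  # whoever wrote the post
    return True


def edit_post_fixed(posts, post_id, username, password, new_content):
    """Same, plus the object-level check the vulnerable handler lacks."""
    user = authenticate(username, password)
    post = posts.get(post_id)
    if post is None:
        raise Fault(404, "Invalid post ID.")
    own_post = post.author == user.name
    if not (own_post or "edit_others_posts" in user.capabilities):
        raise Fault(401, "Sorry, you do not have the right to edit this post.")
    post.content = new_content
    return True


def dispatch(handler, posts, request_xml):
    """Unmarshal an XML-RPC request, run the handler, marshal the response.

    A Fault raised by the handler becomes a <fault> response, as a real
    XML-RPC server would return it.
    """
    params, method = loads(request_xml)
    if method != "metaWeblog.editPost":
        return dumps(Fault(-32601, "requested method not found"), methodresponse=True)
    try:
        return dumps((handler(posts, *params),), methodresponse=True)
    except Fault as fault:
        return dumps(fault, methodresponse=True)


def run_scenario(handler, username="mallory", password="mallory-pw"):
    """Send an editPost for alice's post 1 as `username`.

    Returns (accepted, content_afterwards) so the handlers can be compared.
    """
    posts = make_posts()
    request = dumps((1, username, password, f"edited by {username}"),
                    methodname="metaWeblog.editPost")
    response = dispatch(handler, posts, request)
    try:
        loads(response)  # raises Fault when the response is a <fault>
        accepted = True
    except Fault:
        accepted = False
    return accepted, posts[1].content
```

Both handlers authenticate correctly and both reject a bad password; the only difference is object-level authorization, which is the check to look for when reviewing any XML-RPC or REST endpoint that takes an object id from the client. `run_scenario(edit_post_vulnerable)` reports the edit as accepted and alice's post overwritten, while `run_scenario(edit_post_fixed)` reports a fault and the post unchanged.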
Separately, an unpatched WP-Forum plugin bug has been found to allow attackers to retrieve information such as user names, password hashes and email addresses for users and administrators on a compromised blog, according to Secunia.
The vulnerability "is being actively exploited right now," WordPress said, advising users to disable the plugin until a patch becomes available.
Also on Tuesday, WordPress released a fix for a bug in WordPress MU that could be exploited to bypass security restrictions and compromise a vulnerable system.
The bug is in the wp-admin/options.php script, which does not properly restrict changes to options; this could be abused, for instance, to upload and execute arbitrary PHP code, according to Secunia.
However, to exploit the flaw, an attacker must have valid user credentials and "manage_options" capabilities. "upload_files" capabilities must also be present, Secunia said.
The flaw is fixed in version 1.3.3 of WordPress MU, according to developers.