WordPress 2.6.3 CSRF security vulnerability
No link, because I’m posting this from my iPhone. But it looks like WordPress 2.6.3, the latest version, has a cross site request forgery vulnerability. The way CSRF works, if you have your WP site open and are logged in, an attacker can use another web page that’s open at the same time to perform [...]
