WordPress 2.0.5 Vulnerabilities
Well if you haven’t upgraded to WordPress 2.0.6 we would recommend you do it now!
There were two critical vulnerabilities found in WordPress <= 2.0.5:
Credits to Stefan Esser [sesser@hardened-php.net]. He seems to have released an advisory for the CSRF and written a POC exploit for the SQL Injection hole. I assume the CSRF hole is the same one that we found last month.