Comment How did BlogSecurity get this information? (Score 1) 82
"BlogSecurity incrementally harvested the WordPress software version from 50 blogs"
What does incrementally harvested mean? How did BlogSecurity obtain the version info from the blogs it polled, and how did they go about picking which blogs to poll?
There seems to be a lot of FUD in this article, and it's quickly cobbled together. There's no discussion on *how* vulnerable each version is. 2.1.3 was released April 3, but is discarded simply because the latest stable version is 2.2. Version 2.2, a major feature update version, was released only 8 days ago, and I imagine many people like me are waiting to upgrade until a couple of updates have passed.
Basing a security statement of frightening, alarming proportions solely on what version software people are using to drive personal blogs without any further research on what specific security holes exist (and how easy they are to exploit and what privileges or access they give) is, in my opinion, FUD.
