WordPress 2.8.2 Available for Download
WordPress, the most popular blogging software is vulnerable. You don’t need to worry about it, WordPress has released a security patch — 2.8.2. If you are using 2.8 or 2.8.1 you should upgrade right away!
Quote from WordPress:
WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site. Download 2.8.2 or automatically upgrade from the Tools->Upgrade page of your blog’s admin.
Sensonize.com got hacked a few days back because of this vulnerability which is extremely dangerous. You can lose all your content and blog if a hacker runs this exploit on your blog.
The upgrade changes only 10 files and doesn’t touch the database. A simple upload and replace is all that’s required. Or you can use the auto upgrade feature built into the WordPress software.